Member Blog

It is rare that a court case excites both the tabloid and legal presses to the same extent, however that is exactly what happened when Mr Michael Parker (better known by his stage name Michael Barrymore) sued Essex Police following his arrest in relation to the death of Mr Stuart Lubbock.   The facts were these. Mr Barrymore had been for a night out in Harlow. In the early hours of 31 March 2001, Mr Barrymore and eight other people (including Mr Lubbock) returned to Mr Barrymore’s home in Roydon. At 5.45 am, Mr Lubbock (previously an intoxicated but otherwise healthy individual) was found in Mr Barrymore’s swimming pool unconscious and not breathing and he was later pronounced dead. A post mortem examination carried out later that day revealed that Mr Lubbock had suffered severe anal injuries. Two of Mr Barrymore’s guests were arrested on suspicion of Mr Lubbock’s murder, but were not charged. Mr Barrymore himself was arrested for drug offences, for which he received a caution.   On 14 June 2007 (some six years after Mr Lubbock’s death), Mr Barrymore was arrested by Essex Police on suspicion of raping and murdering Mr Lubbock. He was held overnight before being released on bail the next day. On 10 September 2007 the Crown Prosecution Service decided that there was not sufficient evidence to charge anyone with offences relating to Mr Lubbock’s injuries or death.   Mr Barrymore sued Essex Police, alleging that the 2007 arrest was unlawful, and that as a result he had suffered significant damages. Whilst Essex Police admitted that the arrest had been unlawful, they contended that Mr Barrymore was only entitled to receive nominal damages on the basis that he could, and would have been, lawfully arrested but for the delay in attendance of the only officer who had the necessary information to arrest, DC Jenkins.   In order to carry out a lawful arrest a police officer must suspect involvement, or attempted involvement, in the commission of a criminal offence and have reasonable grounds for believing that the person’s arrest is necessary. If an arrest is unlawful, it follows that any detention will be unlawful unless, and until, such arrest is corrected. DC Jenkins had reasonable grounds for such suspicion, however she was caught in traffic. Therefore, DC Cootes carried out the arrest.   Essex Police based their defence on the Supreme Court decision in Lumba v SSHD. In this case it was held that damages for false imprisonment are calculated to “put the claimant in the position he would have been in had the tort not been committed. Thus if the position is that, had the tort not been committed, the claimant would in fact have been in exactly the same position, he will not normally be entitled to anything more than nominal damage” (tort meaning a wrongful act or infringement of a right). Essex Police submitted that, had DC Cootes realised he did not have reasonable grounds he would have called his superiors to obtain such information, or would have waited for DC Jenkins to arrive. On this basis they suggested that Mr Barrymore was entitled to no more than £1.   The Court disagreed. They found that the relevant question was not ‘What would have happened if DC Cootes had had an epiphany about the illegality of his actions?’, but simply ‘What would have happened if DC Cootes hadn’t arrested Mr Barrymore?’. The Court held that if DC Cootes hadn’t unlawfully arrested Mr Barrymore, one of the many other officers present would have, and would have done so unlawfully.   The sum to be awarded is yet to be decided, however it is reported that Mr Barrymore values his claim at more than £2.4 million.   This decision distinctly limits the application of Lumba, and could see substantial damages being awarded in more unlawful arrest and detention cases. Where no officer present at the arrest has sufficient information to have ‘reasonable grounds’ for their suspicion, the claimant in an action for unlawful arrest and detention has grounds to argue their entitlement to substantial damages. This action is now likely to be very attractive for those who believe they have been unlawfully arrested.   If you have any questions on anything covered in this article, please do get in touch with our Criminal Defence Team on 01603 610911.

The question we get asked the second1 most when speaking to clients and potential clients is “how much will my bespoke2 software cost to build?” This is extremely difficult to answer without lots of detail and even then the complexities of software development, the complexity of client requirements and clients changing needs over the course of a project make an accurate estimate challenging.   For this reason, most software development companies shy away from including prices on their website. In fact we checked the websites of a number of our competitors and the closest we found was one who offers a range of fee options from fixed price to a daily rate and a couple who ask for your budget when contacting them for more information. As a client, until you get that first email response, phone call or face-to-face meeting you’re no closer to understanding how much your software will cost. Even then it may be some time before you are any the wiser.   We can’t help you understand how much your project will cost until we speak to you. What we can tell you is how much projects have cost our existing clients. We’ve broken the figures down into the types of services we provide, the minimum project cost, the maximum project cost, the average project costs and where in the range most of the projects sit:   Project Type Minimum Maximum Average (Mean) Most Projects Under Enterprise Software & Mobile Development £3,000 £230,000 £36,000 £40,000 Creative Websites £450 £6,500 £2,500 £1,500 Consultancy £550 £20,700 £3,000 £1,000 * All values are approximate, exclude VAT and are correct as of August 2017   To start investigating how your business problem could be solved with a bespoke application, please contact us for a chat.   __________________ 1 The thing everyone wants to know first is if we can solve their problem. 2 Our software is truly bespoke. We can modify off the shelf software for you, but we don’t consider this truly bespoke.

The Chelmsford team at Pure are taking it in turns to volunteer at lunch clubs organised by local charity Kids Inspire to support disadvantaged children, and their families, throughout the school summer holidays.

Kids Inspire supports young people, and their parents and carers, across Essex who are at educational, social or economic disadvantage. Professional recruitment specialists Pure are long term supporters of the charity and regularly raise money to support the organisation through events such as its annual charity quiz night in the county. When the team investigated further ways in which they could provide support they were invited to become corporate volunteers at its ‘Kids Who Lunch’ clubs.

The clubs have been introduced to help children who would normally receive school lunches and might otherwise miss out on a good meal during the summer holidays. Beyond that, they are also designed to help families who need a helping hand in keeping children occupied over the summer and to provide young people with the chance to make new friends and to learn new things.

Each week, two members of the Pure team are attending the clubs to lend a helping hand during the sessions which include arts and crafts inspired actives, drama and music-themed fun, as well as lunch.

Ellie Punter, Recruitment Administrator at Pure, said: “We were really keen to be able to volunteer with Kids Inspire and the lunch clubs have created the perfect opportunity for us to do so. The charity really appreciates the extra help with setting up, making the food and engaging with the children. The corporate support from ourselves, and other local businesses, has helped to ensure these clubs can take place and provide this support throughout the school holidays. We are all really enjoying being involved. It’s great to see the kids having fun and trying things they have never done before, including eating different kinds of foods.” 

Volunteers and supporters of Kids Inspire play a key role in helping the charity to support disadvantaged young people in turning their lives around and in making a real difference to the lives of vulnerable children

In 2016, Venkat Subramaniam wrote an incredible book called ‘Test-Driving JavaScript Applications’ which, along with JavaScript tools such as Mocha, Istanbul, Prettier and Eslint, have made me fall in love with JavaScript and Node.js (well for UI development anyway). JavaScript isn’t a proper language, right? For a long time I argued not, because the tools weren’t available to develop software with unit tests, static analysis and code coverage. This has changed and now I’m starting to take JavaScript seriously, even beyond jazzing up a web based UI. I’m almost over the lack of static typing.   I’m currently using Express.js, a web framework for Node.js, a lot and Venkat includes a section on testing Express.js routes in his book. They’re a bit like controllers in the Modal View Controllers pattern:   router.get(‘/’, function(req, res, next) {  task.all(function(err, tasks) {   res.send(tasks);  }); });   Venkat’s example test looks like this:   it(‘should register uri / for get’, function(done) {     // …               var registeredCallback = router.get.firstCall.args[1];     registeredCallback(req, res); });   I’ve left out some mocking and other boilerplate for brevity and so that we can concentrate on the one bit I don’t like. Venkat describes the test in full detail in his book.  Take another look at this line:       var registeredCallback = router.get.firstCall.args[1];   What it does is get the second argument for the first get route declared with the router. That’s what is returned by firstCall, the first declared route. So if there is more than one get route declared with the router and at some point you change the order in which they are declared or you declare another get route in-between, the test will break. It’s brittle.   In fact it’s worse. To get the second get route you’d use secondCall and so on. So although it’s probably a very large number, there are a finite number of get routes you can get from the router with this method. For me this rang alarm bells. Google suggested this is the way that everyone is doing it. It appears to be the standard practice. It doesn’t sit at all well with me. I’d much rather be able to look up route in the router by its path. After a while printing all sorts of things to the console to find out the data structures, I was able to develop this:   var rh = {     findGet: function(router, path) {         for (var i = 0; i < router.get.args.length; i++)             if (router.get.args[i][0] === path)                 return router.get.args[i];           return null;     },      // .. };   module.exports = {     execGet: function(router, path, req, res) {         var get = rh.findGet(router, path);         if (get != null) get[1](req, res);     },       // .. };   The findGet function takes a router and the path to test and returns all of the arguments declared for that route or null if it’s not found.  The execGet function uses those arguments to execute the route, meaning that the test now becomes:   it(‘should register uri / for get’, function(done) {         // …           execGet(router, ‘/’, req, res);     });   Which is not only far more expressive, but less brittle and less code per test. It means that the declaration order of the routes for the router no longer matters. Of course similar functions can be added to facilitate testing post, put and delete.   I wanted to write this up as I couldn’t find any other solution with Google. Hopefully it will encourage developers to write more tests for Express routes as they become easier and less brittle.   Click here to read the blog on our site.

Node applications with Express and its companion tools   By Evan Hahn ISBN: 978-1617292422   This is another excellent JavaScript book from Manning. It contains a great introduction to Express.js and I wish I’d read it sooner as it explains a lot of things about Express.js and how to use it, as well as the tools surrounding it and Node.js, which I had previously worked out for myself. If you’re thinking of writing a web application, especially one in JavaScript, I recommend you read this book first.   The book is far from perfect. It could have been a lot shorter. There is a fair amount of repetition and the chatty style makes it overly verbose and irritating in many places.  The author tries to cover too much and goes beyond Express.js unnecessarily in a few places. However, given that, it’s still not a huge book and quite easy to read.   Click here to read the blog on our site.

By Douglas Crockford ISBN: 978-0596517748   Every JavaScript developer with a pre-existing working knowledge of JavaScript should read this book. JavaScript is a powerful and varied language, but it was developed in a hurry and there’s plenty wrong with it. This book outlines the good bits of the language and highlights the bad bits and the bits you should just avoid. There’s also a fair amount about the author’s JSLint project in the appendices.   This book was written in 2008 and probably needs updating. It’s hard going in places and the diagrams did little to nothing to help my understanding. I’ve come away still wondering about new and constructors, but I know I just need to review them again when I need them and it’ll get clearer.  I’m still not sure which function declaration syntax is best, but I’m not sure it matters too much.   Click here to read the blog on our site.

Small Business Advice Week (SBAW) will enter its 14th year this September. Set up to maximise the potential of the UK’s thriving SME industry, this week is here to help the UK’s 4.5 million SMEs thrive in tough times.

Small Business Advice Week

•             4th-10th September 2017

•             Advice from leading experts and businesses

•             Closer look at Grants & Cashflow

Enterprise agency Nwes and NatWest have partnered to host a series of free events in King’s Lynn, Lowestoft and Norwich for aspiring entrepreneurs,

Held on 5th, 6th and 7th September, the theme for Small Business Advice Week 2017 events is growth and productivity.  The week is set to see leading experts and businesses provide all important advice on how SMEs can maximize growth and productivity over the coming year. 

Considering the economic uncertainty created by Brexit, the key partners of SBAW will be discussing valuable recommendations, to boost the confidence of SME’s in how to optimise their enterprises, discussing important issues, such as accounting, an online presence, and security.

In a recent speech, Mark Carney, Governor of the Bank of England offered some words of encouragement to forward-thinking businesses:

“While the most productive companies have continued to innovate, others have become slower at adopting those innovations.  Speeding up the rate of take-up of new inventions and processes… would provide a significant boost to overall productivity growth.” Whilst accumulating popular support from key industry players, SBAW has also gained support from parliament, with former Prime Minister David Cameron championing the event.  

Andy Gray, local Business Growth Enabler for NatWest said:

“New research by Nominet, the official registry for UK domain names, has revealed that Norwich is in the Top 10 most popular cities for entrepreneurs.   I am excited to bring together the wealth of knowledge that exists across Norfolk into  three events to support our business community. 

The collaboration between Nwes and NatWest for Small Business Advice Week 2017 demonstrates the commitment they both have for Norfolk and the surrounding area.”

With 99% of all business in the UK being classified as small or medium, despite international conglomerates continuing to grab the headlines, SBAW is here to champion the unsung backbone of the UK economy.

To find out more and to register visit www.nwes.org.uk/events

Directorzone GRID company interview series: Paul Grenyer, CEO of Naked Element.

• The story
• Innovation
• What’s next?
• GRID co-ordinates and relationships:

The story   Paul Grenyer took the classic route – and one of the best – into entrepreneurship: the company he was contracting for, Aviva, became the first client of his new business, NAKED ELEMENT, in 2012.   After nearly a decade of coding for financial services firms – Lehman Brothers, Barclays Capital and Aviva – he decided to build a business in Norwich, reputedly one of the best parts of the UK to live and work in*.   So what does Naked Element do? It’s a software, web and mobile applications developer that converts inefficient company systems into time- and money-saving software. Most of the applications are for internal commercial and administrative processes and some are public-facing.   Paul is an active figure in the Norwich tech and business scene. In addition to playing an active role in local networks, he is Director of Norfolk Developers which organises software development events and workshops. He is a passionate advocate for apprenticeships and Naked Element walks the talk in nurturing its own apprentices.   Innovation   Naked Element has discovered that what it is really good at is crunching complexity – analysing intricate and laborious processes and building secure, elegant software that keeps on working. In comparison to the traditional software development model, clients like these Naked Element innovations:   BITE-SIZED CHUNKS – the fact that the work is carried out in 2-week iterations (Agile) – allowing for continuous interaction and small, sometimes radical, changes in client requirements; OWNERSHIP …. that the client gets to own the source code from day (or iteration) one; IT WORKS – thanks to the reliability of Naked Element software, which comes from an obsession with robust software, automated testing and continuous measurement.   The plaudits: FOUNTAIN PARTNERSHIP: “Naked Element has saved us 4 weeks’ worth of work per year! The script they built us is saving up to 95% of our processing time. What was taking 20 hours of work is now only taking an hour – a big saving.” IDSYSTEMS: “Despite the vast complexities behind the system, we have received feedback from almost every user that it is the most straightforward, and often the best, system they have ever used. The product delivered by Paul and Naked Element has given us the opportunity to grow the business and keep ahead of the competition.”   What’s next?   Although Naked Element has worked with local companies to date, it has just won new business in London and further afield as it spreads its wings into new geographies and markets.   Given his background in Financial Services, Paul would be interested to get more involved with fintech companies. Having said this, however, Naked Element is sector-agnostic — it’s just hungry for complexity….   GRID co-ordinates and relationships   Founded: 2012 Business: software developer Location: Norwich, NR1 Size: micro enterprise Staff: 4 + contractors   Customers (selection):

• 4itsec – Cyber Security Advisors
• Bluemoon Investigations – Private investigators
• Broadland Radiators – heating and cooling systems
• C A Design Services – design and building data
• Clarke St James – Adwords, social media marketing and SEO
• Create Design – Architects
• Digital Media London/Your media London – lifestyle magazines
• Electrical Testing – Electrical inspection and testing
• Feedmark – Supplements for horses
• Fountain Partnership – Digital Marketing Agency
• ID Systems – Windows and Doors Manufacturers and Installers
• Integro Languages – Translation services
• Luminous PR – Tech PR agency
• Multi Signs – Signage and banners
• Residentially – Chartered surveyors
• Soak Digital – Specialist digital and data design agency
• SQN – Clinical biometrics
• Wantdontwant.com – Second hand office furniture, office desks, chairs and storage
• Water Management Alliance – Group of Internal Drainage Boards

Suppliers (selection):

• Amazon – Hosting
• Cracknell Law – Legal
• Digital Ocean – Hosting
• Farnell Clarke – Accountants
• Hugh J Boswell – Insurance
• Onebyte – Phone Systems
• Premier Links – Hardware
• Redcat Partnership – Health and Safety
• Sandler – Sales Training

Click here to read the blog on our site.   The link to the interview on DirectorZone’s site: https://www.director-zone.com/publish/1562

There’s plenty of development going on right now…and you will have views on how this development may affect your business. If you think a development proposal will affect your business then it is important that you make your voice heard to those making the decisions.

When a planning application is made you have an opportunity to make a representation to the local council about that development. The local planning authority are statutorily required to consider yours and all the other comments they receive about an application. As a planning officer for 15 years I read numerous letters of representation on planning applications. However, these letters did not always convey an opinion about the development proposal.

Based on my experience below are 5 tips to ensure your representation conveys your opinion on a planning application.

1.    Clearly state your opinion

If you think the development will have benefits say so. Likewise, if you think the development will have a negative impact say so. However, do not assume that those dealing with the application will make inferences from what you have written. The points you state in your email will be taken into account when the application is processed, but assumptions about what you may or may not have been inferring will not be considered.

2.    Provide justification for your opinion

Your opinion will have more weight if it is justified or explained. For example, if you think a development will support existing business in the area then say how it will do this? Or If you think a development will cause traffic problems, explain what these traffic problems will be.

3.    Avoid only asking questions

It can be relevant to ask questions, but don’t assume your question conveys your opinion. You may think you are implying something by asking a question, but a question is very often just a sentence seeking clarification about something. By asking a question you are not actually giving your opinion on a matter. You can always telephone or use the duty officer service at the council if you require clarification about what is being proposed.

4.    Be concise

You do not need to write any more than is necessary to make your point. Be clear and to the point, and try not to be repetitive or to contradict yourself. A planning application can attract anything from no comments at all to hundreds of comments, and the planning officer will read all of them.

5.    Only include comments relevant to the proposed development

Your email will be considered as a representation on a particular development proposal. If there are other local matters that are affecting your business direct these to the relevant department. If you include matters in your email that don’t relate to the proposed development this can result in your comments about the development not being successfully conveyed. The planning department cannot normally help with existing issues with other public services, and you may find the points you make about those matters never reach the person responsible for them.

A representation on a planning application is your opportunity to give your opinion on that development proposal. Your email will only apply to that one application and any subsequent appeal. If further applications are made in the future you will need to write again. Your comments will not automatically be carried over from one application to another.

Its important that the planning system hears from all those that want to comment on a proposal. Following the above 5 tips will help you make sure your voice heard. However, if you have concerns about a proposed development near you and would like further advice please contact me at [email protected] .

On Wednesday 9th August I attended a roundtable discussion at the Norfolk Chamber of Commerce with Norwich North MP, Chloe Smith, along with several other Chamber members from the agriculture, retail and media sectors. The most recent general election was the first time I could legally vote.. and I did! With this in mind you can imagine as a young person ascending into the world of work I don’t know a great deal about the activities of the government, especially not my local government. Brexit “Brexit”, a very loud continuous noise, and of course at a roundtable discussion with an MP the Brexit conversation is going to arise.  Until this discussion I’d always associated Brexit as a negative thing. I’ve heard numerous businesses speak fiercely how the impact of Brexit will damage their business and decrease their profits. But I was reassured that most of the participants at this meeting see Brexit as much more of an opportunity than a threat. We cannot now go back in the EU on the previous terms due to already triggering article 50 and that we must accept it’s not going to be the same so we must ride it out and see it positivity.  Infrastructure Communications Infrastructure: Broadband Those of us in Norfolk are all aware of our rural broadband struggles, in fact last August Norwich was ranked seventh in a table of cities with the slowest broadband speeds. According to a recent Norfolk Chamber questionnaire, 20% of people stated their network is completely unreliable and a whopping 54% are not having the internet and coverage that they need to complete business as they’d like too and as they need too. 11% of Norfolk still only have access to 2G!  So who’s to blame? Is it BT? A lot of participants around the table mentioned that BT tend to choose where they put their investment, going for easy wins and projects that win them more returns. E.g prioritising residential broadband rather than business. Although the majority of individuals believe BT is a large part of the problem, there are other problems contributing to our slow network speeds, money is a big one.  It is actually possible to invest in your own internet, but you could be looking up to a large spend of £30,000 to put your own reliable internet in place. There are options to take up what’s already about such as this, however local broadband should be improved and businesses shouldn’t be forced to spend such large sums to be able to carry out day to day work.  Not many businesses have instructions on these sorts of options and a marketing campaign was a good suggestion in the meeting to spread the word to businesses that may need it desperately.. that’s if they have the budget. Chloe told us we should take caution in believing that this can be quickly and easily sorted and that it’s not a quick fix. Skills deficit East Anglia student qualification levels are below the UK average and students are not fully prepared for work when they leave education, some of this comes down to national curriculum not being enterprise focused enough. There was discussions of schools not having the correct budget, forcing them to pull out of being a member of the chamber, which will eventually affect their children and their skills. However Chloe reassured us this is not the case, budget is still there.  Although Chloe assured us budget is still there, we are seeing terms of engagement shutting down. Schools haven’t got time or capacity, and we don’t blame the teachers. We understand there’s a lot on them already, so in order to make students life and work ready, what’s the solution? We’re still not sure. “Norwich in 90” On an encouraging last note, network rail has said the “Norwich in 90” line is perfectly achievable by 2024. The government is currently refining an action list to make this possible. Click here to read the blog on our site.  Words by Rain PA

Innovation in e-HR

When local HR Consultancy “Human Capital Department” looked at options available for an e-HR platform for their existing and prospective clients, they found that there was a gap in the market for a Cloud HR solution which was user friendly, and low cost but could be tailored to meet client’s requirements.    

“We believe that there is a need for an e-HR solution suited to SME’s that can be tailored to their specific organisational requirements and that is low cost and user friendly. We have got together with a software house, and our approach will be to develop one application at a time including; time management and holidays, performance management, training and development etc. and ensure that these modules are integrated and link together”. 

Human Capital Department intend to start with the end user in mind, to ensure that they produce something that the market needs, and so would like to reach out to those interested in, or considering introducing an e-HR system, and invite them to attend a “user group meeting”. The meeting will be held at the Kings Lynn Innovation Centre in Kings Lynn on 28th Sept 17 [12:00 – 14:00] to consider what their user requirements might be. [For those unable to attend in person the the meeting will also be available virtually as a zoom meeting]. 

Anyone interested in attending this meeting should contact:

Peter Lawrence on 01553 609968 or

email [email protected]    

General Data Protection Regulation (GDPR) has become quite a buzzword in 2017. With its enforcement on May 25, 2018, many businesses have started preparing themselves for the change. But, the most obvious question that strikes everyone mind is: “What does GDPR mean for me and my business?” The answer to this question is simple – “IT MATTERS A LOT”. After all, GDPR is enforced to make the companies abide the security and privacy factors when maintaining personal information and data of the customers. The purpose of its implementation is to update the existing Data Protection Directive. With the update, the entire process of creating, using, sharing, and storing information was leveled for better data privacy and security. When compared with the past, the effectiveness of GDPR in 2018 will have a huge impact which has already made companies follow the rules much more rigidly, and that, by companies across the globe.

Here are some key points to consider while preparing your organization for GDPR compliance – Wider Geographic Scope

GDPR is not only applicable to the companies based in Europe, but in fact, for all the companies across the world because maintaining privacy and security is a global objective.

If you process or hold information on people then it applies to you (this could be a name and email address or phone number, it has been defined as 2 pieces of information that could be used to identify an individual). So, even if you are running a business online, you are also subject to GDPR in case you collect IP addresses or track cookies.

Severe Penalties

Breaches of personal data are bound to make a company face severe penalties. According to Data Protection Authorities (DPA), for serious infringements a fine of 4% of annual global turnover or €20 million would apply, while for less serious infringement, a fine of up to 2% of global annual turnover would apply.

Organisations Need Explicit Consent from Individuals

Processing customer’s data is no longer an easy thing for organisations because they need to take explicit consent from individuals. In simple terms, individuals are given more rights for processing and transferring their data. Moreover, companies will no longer be able to use illegible terms and conditions. The proof of consent also needs to be available on demand with accuracy and can be requested at any time.

Data Encryption

Protecting customer’s data is mandatory for all companies. This relates to hashing and encryption of personal data in order to keep the information confidential and secure. With the help of data encryption, the potential impacts of data breach also get reduced as information cannot be identified without the encryption key. Even if a breach occurs on any system, the information would still remain secure, thus saving the company from GDPR penalties. THIS IS A KEY PART OF GDPR – If the data is encrypted you are not obligated to report any breach to the authorities or the end user.

Also, encryption of personal data is possible with an existing database format, which helps reduce the work pressure of the company experts since they do not require re-development of current systems and applications.

Data Processing Registry is Mandatory

Companies now need to keep a track of all the data by registering their data in the systems. This means they need to keep electronic record of personal data, which includes the name and contact details of the data controller.

Reporting of Personal Data Breaches is also Mandatory

According to GDPR regulation, businesses need to inform DPA about data breach within 72 hours. If the breach is high, i.e., if it might affect the individuals up to a great extent, they need to be informed without delay. This is not applicable if the data in question is encrypted.

Hire a Data Protection Officer (DPO)

Hiring of Data Protection Officer (DPO) is must, if any organisation is dealing on a large scale of data protection. The DPO will keep an eye on all the activities and monitor whether the organization is operating in compliance with the regulation. Smaller organisations should put sensible policies in place which they can show and adhere to.

Data Protection

Businesses require maintaining data protection by design and by default. This means businesses would require conducting data protection assessments for new products, services and other data processing services.

All data must stay within the EU (this includes via cloud services), if that is not possible and with good reason then a legal agreement should be in place to protect the data in the event of a breach and to make sure the company providing the service is aware of their obligations under GDPR and consent to complying with it.

Data Access Requests

Data is encrypted only in order to keep it safe. Customers have the right to obtain their own unencrypted data from the data controller. They can also demand their data be removed from the controller’s systems. This must be done on request and must be complete, i.e. not leaving it on a backup drive for example.

Data Loss Protection

Prevention of data loss is must, and this is made possible with Data Loss Protection (DLP) software. Outgoing emails, messages, and files which are not encrypted are debarred from outgoing. The encryption of data is must in order to protect and safeguard it from the loss. So, these are a few key points, necessitated by the GDPR changes, which every organization needs to abide by in order to protect customer data. However, any organization cannot make the data encryption task possible all alone. In fact, legal and information security team efforts are also equally essential to comply with these laws. Though many companies are struggling to abide by the rules and regulations of GDPR, they are failing to protect their customer data because of lack of budget and business-level support. Therefore, to meet the requirements of GDPR, it is important for every company to not only have the right expertise but have the right finances, resources, and senior-level support. In fact, only an ideal blend of all these can help in keep up with compliance and keep the data secure. So, what’s your call?

Please give us a call us on +441603 670682 to discuss GDPR in more detail and how we can help you and your IT system. Also keep an eye on www.s2-computers.co.uk/blog for part 2 of this blog.