We hope you find our blog area of use, keep checking back to review useful posts and articles we will compile from our expertise and experiences.
From time to time our heroes will post articles about their experiences and give useful advice that can help guide you to a successful data backup strategy.
We hate to be the bearers of bad news, but here’s the thing.
If you’re currently breathing a sigh of relief that the General Data Protection Regulation (GDPR) deadline of May 25th, 2018 has passed, then you might be in for a shock. That’s because this is only the beginning of the journey. The period of grace is over and from now, every business that fails to comply with the terms of the GDPR could face large fines.
It means that those companies sending an opt-in email under the assumption that this sole action would meet all GDPR obligations, could be heading for a nasty surprise.
Fundamental change starts from this point on.
And there is one GDPR principle which deserves particular attention: the right to erasure, also known as the right to be forgotten.
Rights and responsibilities
Under Article 17 of the GDPR, data subjects (or ‘people’ as we like to call them here, but we’ll stick with the legal jargon for the time being) have the right to be forgotten under certain circumstances. Individuals can make this request verbally or in writing and invoke this right if, for example:
Subjects would probably expect the right to be applied to any backups too. Any restoration from a backup should not override live data with previously deleted information.
However, there is an immediately obvious problem here, especially if deleting one person’s data could adversely affect another individual’s records or there is a legal need to keep hold of personal data. Balancing the competing needs of retention against the right to erasure really is a minefield. That’s where working with a trusted IT partner can ease the GDPR headache.
Step forward, Backup Heroes.
Best practices for GDPR and back ups
Knowing what data you hold about a person, where it is stored and how to access it if they ask to see it, is a good starting point.
If you ever had to stand before the Information Commissioner and explain yourself, you should be confident that your data handling processes – including the way you back up data – are robust and well-documented. You need to be sure that you are doing the right thing, and that your outsourced backup and Disaster Recovery provider is also GDPR compliant.
To protect personal data, best practice dictates that it should be archived safely and securely, with the ability to – also safely and securely - retrieve information if required.
Our Veeam-powered backup solution offers the following benefits:
Give us a call on 0845 241 6370 and we’ll be happy to talk through our services.