IT Security is a key part of assessing and mitigating the risks that a recruitment business creates for its clients and candidates by holding their data.
Recently, we all had a huge wake-up call, with the spread of the WannaCry ransomware crippling many organisations globally, including the NHS. It brought into sharp focus just how devastating a relatively unsophisticated cyberattack can be to organisations, and it is widely acknowledged that these attacks are increasing. ComplyGDPR work with a number of trusted IT Audit providers to offer a fully independent risk assessment covering IT, Mobility, Cybersecurity and Ransomware Training. Following the independent risk assessment, the report enables the client to ask their incumbent to action the areas of non-compliance raised, or to request that the third-party audit company carry out the work.
A key factor to consider on your journey to GDPR compliance is the damage a breach will do to your business reputation. Long-standing clients may no longer be able or willing to give you assignments; the potential fine, although significant, should therefore not be the primary consideration. Reputational damage to your business and the cost to rebuild that reputation should be the key focus for all board members around GDPR. Start the journey early and shout it from the rooftops as a positive message, differentiating your company from your competitors.