How SMEs should deal with data protection laws

HomeBlogsHow SMEs should deal with data protection laws

Today, more business data than ever is being collected. Just think of your own business: there are your business plans; your confidential emails and documents; and, of course, sensitive details about your employees and customers that they wouldn’t want you to share with others. The way data is used – or misused – regularly makes headlines in the media.

While a complex data protection policy would be overkill for most small and medium enterprises (SMEs), it’s crucial that they address data security in a way that’s legally compliant, measured and practical. Where should SMEs start? You can make a good start by keeping in mind the following advice.

Make sure to know who processes your data

SMEs are responsible for what data is kept and how it is used. It is important that data is protected while it is being created, transported and stored. The “data processor” could be the company, an ICT-provider or a mixture of both. Roles and responsibilities depend on the kind of model they have for their ICT services; for example, whether they use an ICT partner to provide services for them.

Check and maintain employee policies to keep data safe

With the rise of mobility and trends such as BYOD, it is harder to manage company data and keep data safe. SMEs should have and maintain clear data protection policies, and make sure their employees know what those policies involve. For example, employees should know what to do and who to call when their mobile device gets stolen.

Take responsibility and ask ICT partner for guarantees

It is the responsibility of SMEs to ensure their ICT partner supports their data protection policies. Partners can provide written assurances that the data is adequately protected by the service they provide. For example, they may do this via marketing material, contractual assurances to the company itself, or through security standards such as ISO27001 and other certification.

Be aware of the European laws on data protection

Legislation on data protection and privacy is complicated and there has been quite some discussion about it. The European Union Directive 95/46 sets a minimum standard for protection of personal data across the EU. Some member states have adopted a stricter approach in their local laws. Each EU member state has a supervisory authority to oversee compliance with data protection and privacy laws in their country.

Ask ICT-partners for advice

As the volume of data generated by businesses continues to grow, ensuring regulatory compliance is a complex business. It is useful to regularly check for new rules and legislations about data protection. However, as SME’s want to focus on their own business and not on the latest data protection laws, they should not hesitate to rely on the expertise of their ICT partners and ask them for advice on data protection.

Make Do

19 May 2014

Recent posts

A Colt employee is speaking into a laptop with a headset, smiling and passionately gesticulating to his interlocutor, representing digital accessibility

Accessibility Awareness Week 2023 and Colt’s Optimising Accessibility Roadmap

By Rachel Collins, Colt’s Head of Diversity, Equity & Inclusion   Today marks Global Accessibility Awareness Day (GAAD): a worldwide event that gets everyone talking, thinking and learning about digital access and inclusion. When mentioning accessibility, many people think about removing physical barriers. When so much of our world is digital, it is crucial to...
Continue Reading
A friendly-looking woman scrolls through an iPad, representing a company with a good net promotor score

Starting 2023 with record-breaking Net Promotor Scores in Europe and Asia

What a start to the year! We’ve just achieved two new Net Promotor Score (NPS) company records. That’s now 74 in Europe – higher than our previous record from the last quarter – and 66 in Asia, a huge jump from our record of 51 which we set a year ago. These scores are a...
Continue Reading

Multicast market data distribution in the cloud is here – what’s next?

Capital market companies are no strangers to the cloud. Within their industry, they have been amongst the most enthusiastic adopters of this technology, although adoption has been curbed by one major challenge – multicast market data distribution in the cloud. In collaboration with AWS, we have developed a solution based on leading-edge technology that allows...
Continue Reading