In May 2018 the new General Data Protection Regulations (GDPR) came in to force and there still is a fair amount of confusion about just what exactly must be done to become compliant. Additionally, in 2019 the new ePrivacy regulation will come in to force and it will run in parallel with GDPR.
Most businesses are already familiar with the GDPR and the ISO 27000 series of standards. But there are many more regulations that businesses have to comply with. Possibly even more if your business operates internationally.
The Network and Information Systems Directive (NIS) came in to force slightly earlier in May 2018; businesses providing essential services within the energy, transport and health sectors will need to comply with NIS.
The 2019 ePrivacy Regulation will overlap with, and carry more importance than, the GDPR. Marketing preferences will be heavily regulated under ePrivacy and if your GDPR privacy policies are not compliant with ePrivacy then you may find that you are having to re-permission your customers again.
If your business accepts credit card payments or stores credit card information then you must be PCI-DSS compliant.
We can advise on, document and implement the policies and procedures that your business needs to have in place to be compliant.