BT Business Direct - PC Hardware, Components, Software, Digital Cameras, MP3 players
BT logo
Buy Products


In May 2018, the Data Protection Directive was replaced by the EU’s General Data Protection Regulation (GDPR). Although the UK is in the midst of BREXIT, these regulations are likely to be converted into British law. Now’s the perfect time to take a fresh look at your data security to make sure you’re compliant.

What you need to know

On April 14, 2016, the European Parliament adopted a new regulation that replaced the 1995 Data Protection Directive. This new regulation, EU 2016/679, aims to strengthen and unify data protection for individuals within the EU. It also covers the export of personal data outside the EU and was effective from May 25, 2018.

Data privacy is an important issue for organisations who are processing and controlling personal data in the EU. Its awareness is steadily increasing and might introduce all kinds of questions about the consequences it may have to your organisation. For example, organisations may be concerned about how personal data of citizens is protected. Especially when we see incidents involving data breaches that expose millions of records to criminal activity.

At its most basic level, organisations need to know if they have the right cyber security tools and processes in place to prevent the loss or theft of their customers’ data. We'll show you what you need to know about GDPR, the key changes under this new legislation, and how we can help with our range of secure IT solutions.

Who does it affect?

The new data-protection regulation like the current DP Directive, affects all industries and organisations that process personal data. It’s applicable to both public and private sectors.

What are the penalties?

In the event of a compliance breach, supervisory authorities can impose fines of up to 4% of an organisation’s worldwide annual turnover, or €20 million — whichever is higher.

When does it happen?

With its publication in the Official Journal of the EU, the regulation came into force on 25th May, 2018.

Who do I tell when I have a breach?

You’ll have to notify your supervisory authority within 72 hours of any data breach, and you may also have to notify your customers.

Key changes under GDPR

To help you understand the changes around GDPR, take a look through these 4 key areas1 to understand your organisation and customer rights.

1. Personal Privacy

Individuals have the right to:

  • Access their personal data
  • Correct errors in their personal data
  • Erase their personal data
  • Object to processing of their personal data
  • Export personal data

2. Controls and notifications

Organisations will need to:

  • Protect personal data using appropriate security
  • Notify authorities of personal data breaches
  • Obtain appropriate consents for processing data
  • Keep records detailing data processing

3. Transparent policies

Organisations are required to:

  • Provide clear notice of data collection
  • Outline processing purposes and use cases
  • Define data retention and deletion policies

4. IT and training

Organisations will need to:

  • Train privacy personnel and employees
  • Audit and update data policies
  • Erase their personal data
  • Employ a Data Protection Officer (if required)
  • Create and manage compliant vendor contracts

What you need to do next

Appoint a Data Protection Officer eye

You’ll need to appoint a Data Protection Officer who’ll be responsible for monitoring and enforcing GDPR policies and procedures. You can hire internally and combine the duties of a Data Protection Officer with another role. However, the person appointed must be completely impartial so those who work in IT, HR or Finance, as they have access to a lot of data, may not be the best choice.

Research what GDPR means for you eye

There are lots of resources online that can keep you up to date with GDPR. The ICO has a variety of information, including a new self-assessment tool. You can complete a form to see where you’re up to on your GDPR compliance journey and what you need to do next.

class="more-info-btn purple-btn white-text">More info

Check your data and how you store it eye

In order to be in control of your data, you must know:

  • What data you hold
  • How long you’ve held it for
  • And how it’s stored

The data you hold should be secured and encrypted to make sure it doesn’t end up in the wrong hands. You may also find that you’re storing data you don’t need or that has expired (passed the date of how long you should keep it). In this case, you must find a way to dispose of it securely and we can help you with this.

More info

Choose the right technology eye

We can work with you to ensure that your network, the devices you’re using and your security infrastructure are as secure as they can be. We have a range of recommended secure devices that will make sure you have the best defences when it comes to hackers.

More info

Update your privacy notices eye

Under the GDPR you must be transparent with your customers and those that you hold data of. You must make it clear what data you hold, how it is held and what it is being used for. You can do this really easily with a privacy notice. If you have them already, they may just need updating. There are some good and bad examples of privacy notices on the ICO website.

More info

Encrypt your data eye

Again, there are several ways you can encrypt your data. We can recommend the best ways to do so and this way you’re adding another defensive layer to your system.

More info

Plan for continuous compliance eye

You need to make sure that your organisation and employees are being compliant in everything they do, from handling data to using it or disposing of it. You need to make a robust plan of how you’re going to maintain compliance and not forget about new procedures.

How we can help

Here at BT, we have an extensive range of resources and experience available to guide your way through security. Whether you’re worried about the upcoming GDPR changes or just want to keep up-to-date with the latest security threats, we can help.

Why BT for security?

If you’re considering a complete infrastructure security review, we can provide you with expertise from all parts of BT and work with you to deliver a complete end-to-end solution.

We can help improve security across your IT estate

With a huge range of products and solutions from the world’s leading vendors, we can help you improve security across almost every aspect of your IT estate. Whether the chinks in your armour come from your network, devices, print estate, software, storage or your physical facilities, we can help you close the gaps.

What solutions can help me get secure?

The GDPR establishes encryption as an appropriate technical measure for the security of personal data. Wherever you are on your GDPR journey, our solutions can help you get more secure.

Stay more secure with Windows 10 Pro

The security capabilities available today in Windows 10 can help you on your journey to reducing risks and achieving compliance with the GDPR.

A lost device doesn’t have to mean leaked data

BitLocker + BitLocker To Go
Keep your peace of mind by encrypting your data on your computers’ hard drives and even on your USB drives, so your business information is protected when a device is lost or stolen.

Your employees won’t need to remember passwords

Windows Hello
With Windows 10 Pro, you’re the password. Windows Hello2 is the password-free sign-in that gives you the fastest, most secure way to unlock your Windows devices. Using your face or fingerprint, it recognises you and logs you in with a friendly hello. And it even works on apps and Microsoft Edge websites. Keep your peace of mind by encrypting your data on your computers’ hard drives and even on your USB drives, so your business information is protected when a device is lost or stolen.

Securely separate business and personal information

Windows Information Protection
You can control how your employees use your business data, for example - block them from copying customer or financial data into social media apps. You can help protect data wherever it lives, without affecting your user experience.3 With Windows 10 Pro, you’re the password. Windows Hello2 is the password-free sign-in that gives you the fastest, most secure way to unlock your Windows devices. Using your face or fingerprint, it recognises you and logs you in with a friendly hello. And it even works on apps and Microsoft Edge websites. Keep your peace of mind by encrypting your data on your computers’ hard drives and even on your USB drives, so your business information is protected when a device is lost or stolen.

The most secure Windows ever

Permission to speak freely

Digitally Enhanced Cordless Telecommunication (DECT) is a 1.9 GHz technology that utilises a dedicated part of the wireless spectrum. It provides high levels of security and audio quality in the office.

Protect your communications with Plantronics DECT headsets

Reduce eavesdropping

Plantronics DECT headsets meet the enhanced security standards of the DECT Forum Security Certificate, designed to reduce the risk of eavesdropping.

A new key every minute

Derived cipher key procedure limits the opportunity for hacking attempts by updating the cipher key at least once every 60 seconds during the encryption process.

Stronger data stream protection

Early encryption now starts immediately after a connection is established, so no information is exchanged without being encrypted.

DECT security certified products

Savi and CS500 headsets keep conversations safe and secure. With 8 discreet security measures, including 64-bit encryption, confidential information remains private.

Savi 700 series

More Info

CS500 series

More Info

Introducing the “Silicon Root of Trust”

Arm your server infrastructure with industry leading innovations to prevent, detect and recover from threats. Silicon Root of Trust designs security directly into HPE’s server management chip (iLO5).

Silicon fingerprint

It creates a fingerprint in the silicon, preventing servers from booting up unless the firmware matches the fingerprint. This innovation comes as standard with iLO5.

Secure technology

It includes state-of-the-art encryption and breach detection technologies. This means iLO5 is regularly checking firmware during the operation of the server to ensure firmware is not compromised.

Silicon firmware

Only HPE offers industry standard servers with major firmware anchored into the silicon. Servers from other vendors are less secure in terms of malware attack through firmware, and this is expected to remain the same for several years.

Introducing the HPE ProLiant MicroServer Gen10 Small Scale Server

More Info

Protect every keystroke

Why do I need Advanced Encryption Standard (AES) for a keyboard?

Wireless keyboards transmit information over the air, which creates an often overlooked point of vulnerability. Without proper security measures in place, a cyber-thief could intercept your keystrokes and gain access to your passwords, credit card numbers, and other vital information.

Microsoft AES Keyboard range

More Info

Secure. Sleek. Powerful.

Powerful security in a business laptop

Dell data protection and encryption protects your data across all endpoints, including external media and in public cloud storage. Stop advanced malware in its tracks, and set up a protected workspace with advanced authentication options.

Now you don’t have to choose between style and security. The Latitude 7000 series is now thinner and lighter than ever. And with 6th Gen Intel® Core™ vPro™ processors, you can power right through your work.

More Info

Still being infected by malware?

We have the solution

As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defence against threats online. Umbrella is delivered from the cloud, so it’s the easiest way to protect all of your users in minutes.


Intelligence to uncover current and emerging threats.


Visibility for activity across all devices and ports, anywhere.


Stop phishing, malware, and ransomware earlier.

Cisco Umbrella Demo

Start protecting your users today with a 14 day free trial5

More Info

View things you need to know

  2. Windows Hello requires specialised biometric hardware
  3. Windows Information Protection requires either Mobile Device Management (MDM) or System Center Configuration Manager to manage settings.
  4. Based on external firm conducting cyber security penetration testing of a range of server products from a range of manufacturers, May 2017
  5. Your trial will end 14 days after you’ve activated your trial. The 14 days of your trial are consecutive and cannot be paused or transferred. There’s only one trial available per organisation. This offer is open to IT professionals. The offer is open to new customers as well as existing Cisco Meraki customers but cannot be used by customers who already have Cisco Umbrella. For Cisco’s full terms and conditions, please visit

Verified by visa Mastercard secure Waste of Electrical and Electronic Equipment (WEEE) Directive