GDPR Update

Sunday, 30 September 2018

GDPR has now been in force for over 4 months and while the flurry of inbox activity around privacy notices has now calmed down, the Information Commissioner’s Office (ICO), have issued an update on their GDPR activities over the past few months.

The ICO are responsible for regulating GDPR in the UK and their recent report reveals they receive around 500 calls per week to their breach reporting phone line. Over half of the cybercrimes which led to a security breach were caused by phishing with ransomware and malware being the other main culprits. The ICO report highlights the following learnings:

  • It is important for organisations that they have a robust incident reporting plan in place and that their team know exactly where to find it and what to do if they were faced with a breach situation.
  • Incidents must be reported within 72 hours and it is key that the person reporting the breach is authorised to discuss the problem detail if required.

The Canadian data analytics firm AggregateIQ received the ICO’s first violation notice of GDPR. They face a fine of up to €20m or four per cent of the company's annual turnover, whichever is higher, AggregateIQ have lodged an appeal. Although the data in question was gathered before GDPR came into force on 25th May 2018, the ICO has said AggregateIQ is still liable as they were still holding the data when GDPR came into force

It is worth noting that organisations which process personal data are required to register with the ICO. They have now begun formal enforcement action against over 30 organisations who are failed to pay the new data protection fee. All organisations must pay the fee unless they are exempt. Those who don’t face a maximum fine of up to £4350.

GDPR compliance continues to be a concern for many SMEs. We can help advise on action you can take to ensure your systems are secure. We recommend the UK Government’s Cyber Essential’s Scheme as a great first step in ensuring your company data is protected. We have been independently assessed and accredited as ACE Practiticioners of Cyber Essentials – which means our consultants are qualified to support our IT Support and IT Security customers through the Cyber Essentials certification journey. A multi-layered approach to cyber security is an essential part of this process and something that we recommend for all of our IT support customers across Glasgow, Edinburgh and throughout central Scotland. Why don’t you contact us today for advise on how we can help with your IT support and IT security requirements?

RedMosquito provider IT support services in Glasgow, Edinburgh and throughout central Scotland.


T 0141 348 7950
Glasgow 27 Panorama Business Village, Glasgow. G33 4EN
Edinburgh 8 Albany Street, Edinburgh EH1 3QB


facebook gplus twitter linkedin


Formed in 1999 Red Mosquito provide a complete one-stop technical consultancy service offering managed services IT support, computer maintenance, computer networking and Cloud Services to businesses in Scotland and beyond. We operate as a complete outsourced IT department dealing with all of the day to day administration and configuration of our client's systems.

Based at our Operations Centre in Glasgow and in Edinburgh, we're in the business of providing top quality IT services driven by our passion for technology. Our team of experienced IT support engineers operates throughout Scotland keeping your servers and desktop computers running smoothly so that you can concentrate on what's really important - your business.

We are your IT department.

Case Studies

  • Russel & Aitken

    Founded in Falkirk in 1818 Russel & Aitken is one of the oldest legal firms in Scotland. From the start they have been associated with innovative new technologies and today they continue to maintain a modern and progressive approach to their business.

  • CMS Windows Ltd.

    When Red Mosquito started working with CMS in early 2011 our first task was to fully understand a complex business and the needs of its employees....