
Data protection, information security and a quality product and service are of paramount importance to Legend and our clients. This means a trusted, secure, highly available, fully managed hosting service and industry leading customer care: Legend’s “It just works” philosophy in action.
Legend is ISO 27001 2013 accredited. ISO 27001 is an internationally recognised Information Security Management standard which ensures an organisation has stringent processes and standards in place to reduce risks and manage information security. Certification demonstrates that the whole organisation and solution follows international information security best practice, which is a process continuously audited by an external, independent and accredited body. We select only the highest specification Tier III hosted data centres that are also ISO 27001 2013 certified and PCI DSS compliant.
Gaining this accreditation is a mark of Legend’s commitment to lead the sector with information security best practice. In being ISO 27001 accredited, and only using ISO 27001 certified data centres, our customers can rest assured that their data is professionally managed and secure. Legend has also been awarded an ISO 9001 2015 Quality Management accreditation. This means that all our people, processes and systems are independently audited by professionals to ensure that we comply with the highest industry quality standards throughout our entire business.
Our accreditations are independent validation that with Legend you get information security peace of mind.
Dont take our word for it, see below what our clients think of our security....
GDPR
Incidents, such as the WannaCry Ransomware attack, and the Pay as U Gym incident have placed an increased industry focus on Information Security. Expert advice indicates that this trend is not going to improve. In addition to this threat, all operators are about to be required to address a number of changes associated with compliance with the new General Data Protection Regulations (GDPR), due to come into force in May 2018. Legend has sought to help customers get ready for the fast approaching GDPR changes through a variety of different programmes which will enable them to better prepare for their GDPR responsibilities.
Documentation Provided for GDPR
Legend are providing customers with documentation to assist with GDPR. The first document is the Legend GDPR FAQ's which has been sent to key contacts and is available on the Legend Releases Sites
Information Security/GDPR Briefing Events
Legend have hosted free of charge Information Security/GDPR Briefing Events in London, Manchester, Ireland and Scotland. Events were provided as a service to Legend customers with an interest and a responsibility for Information Security. Slides are available on request.
The events aimed to give guidance as to how leisure industry operators can ensure that they meet the new GDPR requirements and also take sensible measures to protect their business from potential cyber attacks.
Paul Simpson, Legend's Chief Operating Officer and Manager of the ISO 27001 Certified Legend Information Security Management System (ISMS) oversees GDPR for Legend.
Topics Covered
GDPR an Overview
GDPR what are the Threats
Information Security a Culture Change
GDPR Documentation
GDPR an Action Plan
Consultancy Services
Paul Simpson is available for consultancy advice on GDPR and related issues please contact to discuss your individual requirements. All advice is tailored to customer needs.
Legend Publications
Paul Simpson has published a number of articles on GDPR with the aim of guiding customers through the murky waters of the new legislation.
HCM Briefing- Preparing for the GDPR
Preparing for the GDPR – How to store & secure member data
By Paul Simpson Nov/ Dec HCM, Page 92 and online
IT Pro Portal Data Security Article
Health & fitness industry: Time to take action on data security risks
By Paul Simpson September 15, 2017
Time to take action on data security risks Oct 2017, page 53
Handle with care, Oct 2017, page 62
External Help
Advice with GDPR can be taken from the Information Commissioners office and from GDPR specialist members of the legal profession.
Information Commissioners Office
Documents of note are:
Information Commissioners Office Guide to the General GDPR
Preparing for the GDPR 12 Steps
Data Protection Self Assessment Toolkit
Data Protection Self Assessment Toolkit
Wikipedia GDPR information