Posted on July 27, 2017 by staff

Premier League club shows commitment to GDPR


Premier League football club West Ham United has partnered with leading cyber security consultancy Foregenix to prepare for the upcoming GDPR’s new data privacy rules.

The project will include a number of cyber security initiatives and build on the work carried out as part of the club’s move to their new London Stadium home.

Mike Bohndiek, head of IT at West Ham, has said the partnership will benefit both fans and employees alike.

“Football clubs like West Ham United maintain a huge amount of personally identifiable information data that must be used and protected in line with the General Data Protection Regulation (GDPR) which comes into force next year,” he said.

“Ticketing, fan membership, hospitality and player medical data are just a few examples where GDPR will have an impact.

“With less than a year before it becomes law, it is important that we are prepared for what is widely acknowledged as a long overdue revamp of the Data Protection Act.

“We chose Foregenix because they have a long pedigree in payment security and compliance.

“With the Payment Industry Card Data Security Standard (PCI-DSS) and GDPR inextricably linked in certain areas it makes sense to use someone who can optimize our efforts to comply with both requirements.”

Richard Jones, business development manager at Foregenix, said: “The recent cyber-attacks that have made the news clearly demonstrate that organisations of all sizes can be vulnerable targets.

“Indeed there are manyparallels between cyber security compliance and the beautiful game. Both require a sound defence and need to be played according to the rules.”

Benj Hosack, chief commercial officer of Foregenix, said: “We’re pleased to be working with West Ham to safeguard its data for players, staff and fans and let the only defence the club has to worry about be on the pitch and not online.”

The GDPR will officially replace the Data Protection Act as of May 2018. Penalties for non-compliance with the GDPR are up to 4 per cent of annual global turnover or up to €20million, whichever is greater.