Share on facebook
Share on twitter
Share on linkedin
Share on email

May 25 is Deadline to Comply with the EU’s General Data Protection Regulation

law

Along with losing weight and exercising more, your 2018 New Year’s resolutions should include this: Get your company compliant with the General Data Protection Regulation by May 25.

Or else?

Or else your company could face €10 million to €20 million in fines – not to mention risk a public relations nightmare.

BACKGROUND

folder

The European Union Parliament adopted the GDPR in April, 2016 to protect personal data of EU citizens and regulate how such data may be used. This regulation not only applies to organizations — data controllers and data processors — located within the EU. It also applies to those outside the EU if they offer goods or services to, or monitor the behavior of, EU data subjects. (This means you!) The exception is organizations in the United Kingdom, which is expected to have its own, similar regulation post-Brexit.

Parliament said in a news announcement at the time that the GDPR aims “to give citizens back control of their personal data and create a high, uniform level of data protection across the EU fit for the digital era.”

Provisions include things like a user’s “clear and affirmative consent” to the processing of private data, a user’s right to transfer data to another service provider, and to know when their data has been hacked, access to privacy policies that are explained in clear and understandable language, and stronger enforcement and high fines as a deterrent to breaking the rules.

RELEVANT DEFINITIONS

book

Personal data is any information related to a natural person or data subject that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

A data controller is the entity that determines the purposes, conditions, and means of the processing of personal data. A data processor is an entity which processes personal data on behalf of the controller.

WHAT YOU SHOULD DO

checklist

Experts agree GDPR awareness is crucial from top to bottom of an affected organization. You need to educate personnel and establish protocols. Do you have an emergency handbook for coping with data breaches? This is the time to consider one. In some circumstances, you may need to appoint a Chief Data Protection Officer.

Other recommended steps are review and documentation of your data security procedures. Have you done a security audit or penetration test lately?

Note, too, the GDPR requires servers which hold or process any personal data are within compliant facilities.

If all this seems overwhelming, don’t worry. Consultants are available to help.  Some experts even point out any expense you may incur adding help for GDPR compliance will likely be far below what you’d pay in penalties for non-compliance.

ABOUT THOSE FINES

Cost of Acquisition

Fines are case specific, and reportedly will be given mostly when violations result in any real damage. Violators should be ready to shell out up to €10 million to €20 million, based on different sections of the regulation, like having the correct consent registered of the user, correct authoritative certifications to process sensitive data (like correct PCI-DSS level to process credit card information), and so on; or violating rights and freedoms of data — things like cross-border data transfers, handling and securing personal data, transparency on why/how you handle data.

 


For more information about this topic or ways to more effectively leverage your data, contact your InfoTrust Consultant today.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Other Articles You Will Enjoy

InfoTrust and Tag Inspector Named Quanties Finalists

InfoTrust and Tag Inspector Named Quanties Finalists

The entire analytics consulting and technology team at InfoTrust is thrilled to be recognized as finalists in three categories at the upcoming DAA OneConference‘s…

Why Having a Data Layer is Critical During Black Friday Weekend

Why Having a Data Layer is Critical During Black Friday Weekend

Black Friday and Cyber Monday annually present marketers with ample eCommerce insights, as high traffic and large purchase volumes offer rich customer data for…

What Is Your Customer Data Doing Right Now?

What Is Your Customer Data Doing Right Now?

Do you or key stakeholders in your organization really know how or if your customer data is being collected, stored, and used? A discussion like…

InfoTrust Named to Inc. 5000 List for Fifth Straight Year

InfoTrust Named to Inc. 5000 List for Fifth Straight Year

InfoTrust ranks No. 1,855 on the 2019 Inc. 5000 list with a 3-year revenue growth of 218%. BLUE ASH, OH – Inc. Magazine yesterday…

Are You Getting the Most Out of Your Google Analytics 360 Partner?

Are You Getting the Most Out of Your Google Analytics 360 Partner?

At InfoTrust, we are extremely proud as an organization to be a Google Analytics Certified Partner and Google Analytics 360 Sales Partner. It’s a…

It’s a Great Time To Be a Woman in Technology and Analytics

It’s a Great Time To Be a Woman in Technology and Analytics

I still remember my first job as a systems engineer in a bank. I was the only woman in the entire floor of the…

InfoTrust Earns Great Place to Work Certification for Third Straight Year

InfoTrust Earns Great Place to Work Certification for Third Straight Year

The InfoTrust team is thrilled to announce that our organization has once again been certified as a “Great Place to Work.” This is the…

Inc. Magazine: Why Entrepreneurs are Uniquely Positioned to Transform Our World

Inc. Magazine: Why Entrepreneurs are Uniquely Positioned to Transform Our World

InfoTrust’s CEO and co-founder, Alex Yastrebenetsky had the honor to attend the International Entrepreneurial Summit at the United Nations. This blog article was originally…

See How ITP, ETP and Other Browser Cookie Changes Affect Your Analytics

See How ITP, ETP and Other Browser Cookie Changes Affect Your Analytics

You’ve likely seen the abbreviation for Intelligent Tracking Prevention, ITP, strewn across the headlines of tech and marketing blogs over the past year. The…

Leave Us A Review

Leave a review and let us know how we’re doing. Only actual clients, please.