The GDPR (General Data Protection Regulation) was adopted by the European Parliament in April 2016 and can be treated as a replacement for the outdated 1995 directive on data protection. The regulation is set to come into effect on 25th May, 2018. It sets out the measures that businesses need to take to protect personal (sensitive) data and thereby maintain the privacy of EU citizens. GDPR regulates all transactions that happen within the EU member states, as well as personal data that is exported outside the EU.
The types of private data that GDPR protects include primary identity information (such as name, address and ID numbers), web data (such as location, cookie data, IP address and RFID tags), health and genetic data, racial or ethnic data, sexual orientation, biometric data and political opinions. Any organization (or company) that stores or processes sensitive information of EU citizens within the EU states must adhere to GDPR, even if it has no business presence within the EU. The sectors that would be affected the most by GDPR are technology (53 %), inline services (45 %), software companies (44 %), financial services (37 %), online services or SaaS (34 %) and retail or consumer packaged goods (33 %). For any sort of non-compliance, GDPR provides for steep penalties that can go up to 20 million or 4 percent of the global annual turnover, whichever is higher.
GDPR defines roles such as the data controller (who looks into how the data is processed and for what purpose, and ensures that outside contractors comply), the data processor (which can be either internal groups that maintain and process personal data or an outsourcing firm that performs all or part of those activities) and the DPO (data protection officer). For any sign of non-compliance or data breach, GDPR would hold the processor liable. Even when the processing partner is entirely at fault, both parties, that is, our company along with the processing partner, would be held liable for huge penalties. Hence, GDPR acts as an ironclad set of rules that requires the stakeholders involved to know how the data flows, so that implementing sensitive data protection principles becomes easier.
This means that a company (or organization) must make sure it is well aware of all the upcoming changes and what those changes mean for it.
To start the process of becoming GDPR compliant, there must be a sense of urgency that comes down from top management. Prioritizing any kind of cyber preparedness requires the involvement of executive leadership. Being compliant with global data hygiene standards can be considered a part of that preparedness.
There are reports of data breaches and cyber-attacks occurring on a daily basis. This affects not just large companies but small ones too.
When is GDPR coming into effect? The EU parliament approved and adopted GDPR in April 2016.