After four years in the making, the European Union’s General Data Protection Regulation (GDPR) received its legislative approval. The regulation will be going into effect on May 25, 2018, and provides a new set of rules to govern the processing of personal data, replacing the 1995 EU Data Protection Directive (“Directive”). GDPR is the law.
The General Data Protection Regulation (GDPR) deadline is coming soon, taking effect on May 25th, 2018. There are a few questions that need to be answered: “Why the GDPR?” and “What is the GDPR?”
First, the why. GDPR was formed to enforce data privacy rights. Handing over personal data online has become commonplace. We all pay bills, do our banking, and purchase products and services online from an array of businesses. Every time we do, we hand over our personal data. Our personal information is captured by companies, some of which we had direct contact with and some of which captured our information without our knowledge. As consumers, our online footprint has grown exponentially over the years, and so too has our exposure to cyber risk. Data protection is at the forefront of our minds. To protect individuals’ data, the GDPR was created.
What is the GDPR? The GDPR applies to all member states of the European Union and beyond Europe. If you are a company that does business overseas, this will affect you. The GDPR aims to protect citizens’ rights by giving them more control over their personal data. Data subjects will have complete control over how their data is processed and stored, whether outside or within the European Union.
Top 5 Things to Know about GDPR
- Right to be Forgotten. When the individual no longer wants their data to be processed, the data stored must be deleted.
- Easier access to one’s data. Individuals will be notified of how their data is being used.
- Data Breach Notifications. Businesses should monitor personal data and set up security measures to enable the detection of any data breach. If a breach is detected, the business must report the breach to authorities and contact the individuals affected within 72 hours of the breach OR when the breach is recognized within the organization.
- Data Protection by design and by default. Any business that obtains, processes and stores data subjects’ information should have its technological framework set up so that data is used solely for the purpose for which it was obtained and only those within the company who need access are able to obtain it.
- Enforcement of the rules. Businesses that are found to be in breach of the GDPR will be fined up to 4% of the annual global turnover or 20 million Euros.
Wireless Analytics implemented the technical steps to ensure GDPR compliance. But it didn’t end there. Technical measures are required by law, but equally important are the processes and the training of your employees on the logistics of GDPR. Wireless Analytics is committed to the security and privacy of our clients’ data. Are you ready for GDPR? We are!
If you are interested in learning about Wireless Analytics and our services, schedule an appointment with me for a free data analysis.