How the General Data Protection Regulation (GDPR) will have an impact around the world
With GDPR (General Data Protection Regulation) set to take effect on May 25th 2018, it's important to know these rules apply not only to companies based in the European Union, but also to those that deal with the data of EU citizens. Those businesses that don't comply could face fines of up to 4% of their global revenue, or $22 million – whichever is greater – so it's time to re-examine current business processes and policies to make sure your company is on board with the new regulations.
The regulations in question deal with how organizations process (i.e., collect, use, view, store, share, transfer, modify, or destroy) personal data about EU residents. This data includes physical or electronic information that identifies an individual, or could reasonably be used to identify an individual, including the following: personal data or business contact data (name, job title, IP address); employment personal data (salary, benefits, job performance); financial account personal data (passwords/PINs, credit card information, bank information); identification or regulated data (driver's license number, date of birth, mother's maiden name); and sensitive personal data (race, gender, religious beliefs, sexual preferences).
A couple of key focus areas for the regulations are:
- The right for consumers to be "forgotten," meaning that a person can request that all of their data on file be deleted, and receive a record of all the interactions they were involved with at an organization
- More detailed consent when even casually browsing a website using cookies or other tracking devices, including different consent notifications for each kind of tracking or interaction
In order to help with compliance, EU regulators published a six-step methodology for businesses to prepare for GDPR that includes the following suggestions:
- Appoint a leader to pilot/drive privacy governance;
- Identify and detail data processing activities;
- Prioritize compliance actions;
- Manage risk;
- Organize and implement internal processes;
- And document compliance measures.
With these new regulations affecting businesses around the globe, many companies may be wondering how to put in place safeguards to protect against GDPR violations.
Korcomptenz can guide you through this daunting process, using tools like Kentico 11 and other next-generation software solutions. We know the regulations and can make recommendations on how to move forward in the brave new world of data protection.