What the GDPR means for your business?

Share

Johannes Caspar, the data protection commissioner in the German city-state of Hamburg, told Reuters he felt the data protection board mandated in GDPR is "a cumbersome - and for outsiders certainly opaque - exercise".

40% of United Kingdom consumers intend to exercise their new rights to data access under the GDPR in the next six months, new research has revealed.

The EU GDPR compliance requirements are stricter than comparable regulations for handling personal information in the US, such as HIPAA and FERPA. This is a question many Indian startups and enterprises are grappling with as Europe races to embrace GDPR regulations coming into force by 25 May. In recent years, companies both foreign and domestic have been adjusting their business practices to be in compliance with the European Union's General Data Protection Regulation. Consent enables companies to be transparent, gain loyal customers and protect their business from costly fines as well as potentially disruptive business processes related to proving to customers how their data is being stored and managed.

Tech giants like Facebook, Google and businesses whose revenue is based on the collecting and sharing of data will likely be among the early targets of GDPR enforcement.

This data can then be used by businesses to better understand customers' behaviour and make strategic decisions. The GDPR will replace the European Commission's Data Protection Directive passed in 1995, officially called Directive 95/46/EC.

The use of the words "large scale" have caused much speculation as to whether small and medium-sized businesses will be exempt from this requirement; however, this is not the case, and it depends on the size of your organisation and the sector that you are in.

Do your processes live up to the GDPR expectation of "privacy from start to finish". Use of mobile device management tools is one measure companies can take to remotely wipe or kill a compromised or lost device in order to prevent a data breach, according to Osterman's 2018 report What You Should Know About the GDPR.

Israeli PM: Iran Seeking to Deploy Very Dangerous Weapons in Syria
Then, the celebrity chef served up a dessert in the shape of a double-headed Trump and Netanyahu. The statement later added: "We have the utmost respect for the Japanese prime minister".

The launch of GDPR comes as data privacy is making headlines, with Facebook facing intense scrutiny over the leak of 87 million users' personal data to Cambridge Analytica, a political consultancy that advised U.S. President Donald Trump's election campaign.

The bottom line: Compliance with the GDPR may not be a legal requirement for USA -based companies, but it may be good for business.

People will have to give consent to you to store their personal information, and it goes beyond having automated ticks in boxes on your website forms.

In the build up to GDPR going live later this month we've seen a number of big names in the tech space updating their privacy policies.

"You will need to update your privacy notices to provide the additional information required by the GDPR, and you may well need to relook the portions of any contracts with European Union residents and citizens that deal with their data rights", says the Sage executive vice president.

GDPR works like an extension to data privacy regulations. Companies should take time to train employees in best practice when it comes to handling data. Policies should also state whether customers' data are being provided to third parties. Few if any mid-sized South African firms could afford such a steep sanction, and legacy issues compound problems around compliance, increasing their risk and potential liability.

Share