After four years of negotiation, the final text for the EU General Data Protection Regulation (EU GDPR) has been accepted by the European Commission and is expected to come into full force in May 2018.
The new regulation will force businesses to rethink their data protection policies – and strengthen them if necessary – helping to protect the rights of some 500 million people living in the European Union. This is vital in a world of vast digital interconnectivity – where access to our personal data is itself big business.
The new regulation will see businesses fined up to €20 million or 4% of their global revenue, which could have significant adverse impacts on a business’s operations.
Aaron Fox, Information Security Specialist at HANDD Business Solutions said: “The new EU GDPR ensures that any organisation with a presence in the EU that is storing or processing the personal data of EU citizens will be subject to the new regulation. This is an extremely important development that safeguards the fundamental rights of consumers both in the UK and across the EU.” New EU GDPR legislation aims to protect our personal data more effectively in several ways:
More Rights for Individuals
The new law enhances the rights of individuals by giving them more power to control the way in which personal data is handled. The EU GDPR specifies that companies will be required to respond to first Subject Access Requests (or SARs – where an individual requests a copy of the information an organisation holds about them) for free, as opposed to the current maximum charge of £10 per request.
This will undoubtedly encourage more individuals to leverage their rights under new SAR rules.
Consumers will have the right to ask companies to divulge the length of time their data has been stored. It will also be compulsory for companies to provide clear and affirmative consent on how they intend to use and process a person’s personal data from the outset.
Better Protection of Our Personal Data
The EU GDPR regulation will force companies to implement solid processes that ensure sensitive personal data is handled securely. In certain circumstances, individuals will have to be notified within 72 hours.
As well as the right to know when their personal data has been breached, consumers can also feel safe that, under new EU GDPR regulation, their personal data can be erased upon request.
Stronger Controls and Better Risk Management
Under the EU GDPR, companies will be required to undertake better audit processes of personal and sensitive data to identify risks of data breach. This aspect of the regulation ensures that policies are implemented to make privacy and security an integral part of every business’s processes.
The EU GDPR will ensure the implementation of better detection, analysis, eradication and remediation technology into businesses in the event of a data breach. In short, the EU GDPR will force companies to react more quickly to reduce the fallout from a data leak. This includes a requirement for companies to be proactive in protecting systems and employing highly skilled staff, in addition to implementing technology for active network monitoring and threat detection.
Better Awareness of Sensitive Data
Finally, a culture shift. Companies will be required to create a culture of responsibility under the EU GDPR. A shift towards personal responsibility for data is likely, and the implementation of new data protection technology will support this. A number of solutions are available that will help in creating a business culture where privacy is at the forefront of every process.
For further reading, visit the European Parliament News website.
About the Author
HANDD Business Solutions is one of the leading global providers and integrators of data security solutions. They currently supply data security solutions to 8 of the 10 largest banks in the world, 2 of the world’s top 5 investment service organisations, and 45% of the FTSE 100.
Company Name: HANDD Business Solutions Ltd
Contact Person: Aaron Fox
Country: United Kingdom