Are you ready for the new European Data Protection legislation to come into effect in 2018? The legislation, developed by the European Union with the intention of creating an unequivocal and safe European digital environment, will affect all organisations dealing with sensitive data.
The GDPR legislation is there to protect citizens against data theft and loss, ensuring all organisations that handle data to take due care and attention. Processes related to collecting, processing, using and sharing data are about to change. With this legislation, Europe are applying some of the most advanced laws on data protection and privacy: In an increasingly digitized society, it is important to have confidence that an organisation is adept at handling your data.
The new situation
The incoming legislation presents organisations with strict boundaries with regard to collecting and saving personal information. Anyone breaching these strict terms is punishable by law. One example of an existing duty we have is that of obtaining permission to place cookies. An additional obligation to arise will be to obtain your contact’s explicit permission to collect, handle and use their data. Several countries in Europe already required you to obtain consent to send certain types of email, now you will need this consent per topic and message type. For instance, if someone agrees to receive your newsletter, this will not allow you to send him or her offers, and vice versa.
Data transferred over a network is at greater risk of a leak or incident, therefore the GDPR compels you to take appropriate technical and organisational measures to protect personal data against calamities, loss, mutation, unlawful deletion, illicit publication and unauthorized access. Additionally, the new regulations mean that certain requirements will apply directly to data processors for the first time, which is likely to affect Cloud Service Providers for example. Also, the GDPR expands the territorial scope to not only those established in the EU, but also any processing of personal data subjects who reside in the European Union, where processing relates to the offering of goods or services to them, or the monitoring of their behaviour.
Working towards the GDPR
While these examples may appear simple, the consequences of this legislation on the whole certainly won’t be. Many organisations – both commercial and not-for-profit – are going to have to ask themselves: how do we prepare for compliance with this law?
Asking this question alone will not be enough; taking action is a matter of urgency. Organisations will have to start acting now with immediate effect, putting in place measures to ensure compliance with the legislation by 25th May 2018. Failure to comply could have disastrous consequences for your organisation, not only the implication of financial penalty, but also the potential damage to your company’s reputation. With maximum fines as high as twenty million euros or four percent of one’s global turnover, whichever is highest, the overall impact could be significant – to the point of bankrupting a company.
Act now!
Don’t delay, act now! Contact Global Knowledge for information, training and support to help you take the appropriate action and fully prepare your organisation for the implementation of the General Data Protection Regulation.
Global Knowledge
Global Knowledge provides a range of GDPR-ready courses. Please contact your local Global Knowledge Training advisor via 0118 912 1929. Alternatively you can visit our website for more information.
The post Are you ready for the new General Data Protection Regulation (GDPR)? Act now! appeared first on Global Knowledge UK Blog.
