What You Need to Know About the General Data Protection Regulation (GDPR)
If you do business, either directly or indirectly, with companies or individuals in the European Union (EU), you may be subject to the General Data Protection Regulation, or GDPR. The EU GDPR is the most important change in data privacy regulation in 20 years, and it’s in your best interest to make sure you’re protected.
What does the GDPR mean for you?
There are significant penalties for violating the regulation, so ask yourself the following questions:
- Are you doing business with any entities in the EU?
- Do you store person-specific data about your customers in the EU?
- Are you working with, or selling goods or services to, companies or individuals in the EU that may interact with personal data?
If you answered yes to any of these questions, or are curious about your potential liability, you should seek further advice. Much of the GDPR is about compliance and protecting data privacy. After four years of preparation and debate, the GDPR was approved and will go into effect on May 25, 2018. At that time, organizations that are not in compliance may face heavy fines.
GDPR processes and procedures to ensure your data is safe may include:
- Requiring the consent of subjects for data processing
- Anonymizing collected data to protect privacy
- Providing data breach notifications
- Safely handling the transfer of data across borders
- Requiring certain companies to appoint a data protection officer to oversee GDPR compliance
If the GDPR may affect you, or if you aren’t sure, it’s best to get in touch with someone who can accurately assess your situation and offer solutions. This would also be a good time to schedule an assessment, including an external vulnerability scan, to make sure your systems are safe. One of the key elements of the regulation requires that companies implement reasonable data protection measures to protect consumers’ personal data and privacy, which should be done regardless of the GDPR, simply because it’s best practice.
If the changes regarding the GDPR have left you with questions, we can help. We can offer guidance as well as run scans, internally and externally, that allow you to make good decisions and determine your risk of penetration. No matter how you want to address the General Data Protection Regulation, don’t wait. The GDPR becomes active in May of 2018 and you don’t want to end up paying hefty fines.
IT Resource offers data protection services to clients throughout west Michigan and northern Indiana – from Traverse City to Grand Rapids to Fort Wayne and everywhere in between. Call us today to see how we can help protect your data.