Organizations across Europe and throughout the world must review and update their data privacy policies to comply with the General Data Protection Regulation (GDPR). Let Access help.
What is the GDPR?
The GDPR is the new data protection law that will go into effect across the European Union on May 25, 2018. Replacing the current Data Protection Directive that was established in 1995, the General Data Protection Regulation aims to protect the data privacy of all EU citizens with statutes that are more in line with our modern-day, data-driven world.
How will the GDPR affect your organization?
In a world where data breaches and cyber crimes are a regular occurrence, the way organizations approach data privacy must grow and evolve with these ever-changing threats. The GDPR aims to change the way organizations across Europe collect, use and transfer EU citizens’ personal information.
Even if your business is not located in Europe, the GDPR applies to any company that processes the personal data of EU citizens. Organizations that do not comply by the May 25th deadline risk facing fines as high as 20 million euros or up to 4% of their annual global turnover.
Companies will also be required to obtain consent in a clear, distinguishable fashion, as well as offer consumers the ability to easily withdraw their consent. In the event of a data breach, organizations will be required to notify the public within 72 hours of becoming aware of the breach.
To protect the privacy and personal information of consumers in the EU, the GDPR also expands the rights of EU citizens. Under the new law, citizens will be able to:
- Learn if their personal data is being processed, as well as where and why it is being processed.
- Request their data be erased.
- Receive the personal data that concerns them.
How can you prepare for the GDPR?
In order to ensure compliance with all of the GDPR requirements, thorough preparation is essential. To be successful in implementing a data privacy initiative, companies must:
- Raise awareness within their organization. Discuss the impact the GDPR will have on your business's daily operations with other leaders and decision makers so that a plan of action can be put into place.
- Review your current privacy policies and make the appropriate updates. Do you know where your organization collects data or how it is stored and shared? Conduct an information audit to learn where you need to make changes, then work on clearly defining your policy.
- Prepare for the worst by putting a data breach detection and response plan in place. Make sure your procedures are clear and ensure all team members know how to respond.
Let Access Help You Prepare and Stay Compliant
Access can help your organization determine the next steps towards achieving GDPR compliance. Contact us today to learn more about how we can help you protect information.