In about 20 months from now the new data protection rules are coming into force all over the EU. The way they've come since first appearing on the agenda of the EU institutions has been pretty straightforward:
How will the new regulation touch your company?
- There will be one general law governing the protection of personal data in the European Union, instead of 28 different data protection laws.
- Consent for personal data processing will be governed by new rules. Consent must be given by a statement or through a clear affirmative action. Companies will be obliged to demonstrate at any time that consent was given at any time.
- In the event of a data breach involving personal data, companies will be obliged to file a report to data protection authorities within 72 hours of becoming aware of the situation. This means that leaks of personal data will be much more transparent to affected individuals as well as to the general public.
- Companies will have to implement technical and organisational measures to protect personal data. In some cases, they will have to appoint a Data Protection Officer.
- There will be increased fines for data breaches up to 4% of the annual worldwide turnover of a company for the non-compliance with basic requirements (transfer, basic principles of processing). For other breaches, fines will reach up to 2% of annual worldwide turnover.
- Companies will no longer be obliged to notify data processing to Data Protection authorities.
This means that if so far data protection has seemed like a big deal to you, now you know it really is becoming a MUST! Although the Data Protection Regulation is not entering into force until 2018, taking steps to get your company protected against data leaks seems like a smart thing to do immediately.
The fear is real. What's next?
- More than 90% of Europeans say they want the standardized data protection rights across the EU
- 80% of people feel that they do not have complete control of their personal data (2015 Eurobarometer survey)
- 71% of Europeans feel that there is no alternative other than to disclose personal information if they want to obtain products or services (2015 Eurobarometer survey)
- 7 out of 10 people are concerned about their information being used for a different purpose than the one it was collected for (2015 Eurobarometer survey)
- Almost all Europeans say they would want to be informed, should their data be lost or stolen (2015 Eurobarometer survey)
What the stats show is quite self-evident at this moment. Let's face the problem though and make the reason of this anxiety diminish. It seems the new rules will strengthen existing data protection principles and support their enforcement. It's also apparent that personal data protection is going to be top priority for many companies in the coming years. And that's the way to go!
Make the first step towards understanding GDPR and how it affects your company - come to our webinar.
Written by Matej Zachar, Project & Security Manager @Safetica Technologies
“You can never be too paranoid.” - that’s what Matej believes in. His passion is security, yet he loves hiking. Other than that, this gentleman also plays guitar and cooks fairly well. In Safetica, Matej is responsible for implementation projects and product delivery.