<

Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

With GDPR, a New Global Data Security Regulatory Cycle Begins

Published on
93 Points
93 Views
Last Modified:
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !

It’s no surprise that as the stakes associated with a potential breach rise, legislators respond by proposing new privacy and data security laws. However, in replacing an incredibly outdated data security regulation (EU Directive 95/46/EC), the EU has now adopted the General Data Protection Regulation (GDPR) which sets a new benchmark in data security requirements with far reaching impacts and high penalties. So, it’s time for us all to get familiar with the GDPR because it applies to any organization that collects “personal data” from any natural EU citizen, regardless of where a business is located.


Yes, despite being created in the EU, GDPR means that even a five-person company based in Belize with an online storefront that sells to Europeans will be required to comply (or make sure their payment processor complies). Also, “personal data” in the GDPR has a much broader definition than what we’ve settled on as PII, or Personally Identifiable Information, in other regulations. An IP address, for example, is considered personal in the GDPR, even though DHCP and dynamic addresses are used.


To ensure rapid adoption of GDPR, huge potential fines for non-compliance are included and enforcement agencies have been established. The Regulation allows for fines up to 4% of worldwide revenue, or €20 million, whichever is higher.


While the potential fines are high enough to push companies to adhere to GDPR, some are struggling to make the sweeping changes needed before the Regulation takes effect on May 25, 2018.  That’s because the scope of the GDPR is large, and the collection of policy, process and technology changes are difficult and time-consuming to implement.  For example, it mandates:

  • Breach notifications within 72 hours (unless breached data was encrypted)
  • New more-explicit notification practices
  • The ability to display a report of all personal data stored per subject, and then delete at their request
  • That personal data remain in the EU, unless transfer out of the region is authorized
  • A Data Protection Officer to be appointed and Data Protection Impact Assessment completed, where required
  • Data security technology is implemented to ensure situational awareness of risks, and enable preventative, corrective and mitigating action in near real time, as well as provide tools for assessing the effectiveness of security policies


In short, if you are not already working towards compliance, then you are behind the curve and need to quickly ramp up.  WatchGuard provides key information in a GDPR Resource Kit to help you get started.  Visit www.watchguard.com/GDPR to download it today!

0
Comment

By clicking you agree to the Terms of Use and Privacy Policy.
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
0 Comments

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Join & Write a Comment

After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Other articles by this author

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month