GDPR: Here

GDPR: Here's What You Need to Know

The European Union will begin to enforce strict data security starting in May. Here's what you should know.

After a two-year transition period, the General Data Protection Regulation becomes enforceable on May 25, 2018. The looming deadline created by the European Union has created a headache for those who deal with personal data and it can be hard to wade through all the information to ensure that you are in compliance with the new regulation. Here's a breakdown of GDPR and why it is important to you, even if you are an American company just looking to do business in Europe.

What is GDPR?

The European Union's General Data Protection Regulation is a sweeping data protection law that not only affects European businesses, but all organizations handling the personal data of EU citizens. Moving forward, if a data breach is the result of noncompliance, companies will face unprecedented fines of up to €20 million (about $24 million) or four percent of global annual revenue for the previous financial year, whichever is higher.

Essentially, if you want to conduct business with Europe, you'd better comply.

The deadline for compliance is just months away at this point. Companies have already started to work towards the strict guidelines of the regulation, but if you are still wondering what you should be doing, here's three important steps for navigating GDPR:

Understand GDPR Requirements

GDPR is not easy to consume in one sitting. There are 99 articles in the table of contents and only some articles may apply to your business and/or industry more than others. If you don't have someone who is versed in the language of regulations, it can be a lot to handle on your own. You can't possible solve a problem if you don't even understand what the problem is.

To help with this, you should consider consulting with a compliance expert who can interpret the most critical parts of the regulation as they pertain to your company. The compliance expert can also help you set up critical procedures and policies that you must carry out if you are hit by a data breach, like Article 33 that says you must notify EU authorities and any citizen affected within 72 hours of a data breach being discovered.

Access Your Risk

Part of being GDPR compliant is the need of an entire map of your data footprint. Companies must determine where personally identifiable information resides and how it is being handled. Understanding how each piece of data moves through your company is critical, because then you can move towards identifying and creating plans for remediation, if needed.

The new GDPR will undoubtedly create new processes within departments that will impact flow and efficiencies, but having managers and employees involved in the risk assessment process from the beginning will minimize disruption while ensuring their understanding of their responsibility in data security.

Leverage GDPR to Improve Security Practices

It may seem like a lot of work to become compliant, but compliance doesn't equal security. Cybercriminals are constantly evolving and so should your security procedures. Use the upcoming GDPR deadline an exercise to evaluate and streamline all security processes and procedures and identify areas that need improvement. Find out if the current security you are using is enough to cover your gaps and keep data protected.

GDPR is the beginning of a new era of strict data regulations. Are you prepared?

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Progressing in Capabilities

    Progressing in Capabilities

    Hazardous areas within industries like oil and gas, manufacturing, agriculture and the like, have long-sought reliable video surveillance cameras and equipment that can operate safely in these harsh and unpredictable environments. Read Now

  • A Comprehensive Nationwide Solution

    A Comprehensive Nationwide Solution

    Across the United States, manufacturing facilities, distribution centers, truck yards, parking lots and car dealerships all have a common concern. They are targets for catalytic converters. In nearly every region, cases of catalytic converter thefts have skyrocketed. Read Now

  • Planning for Your Perimeter

    Planning for Your Perimeter

    The perimeter is an organization’s first line of defense and a critical element of any security and surveillance program. Even if a building’s interior or exterior security is strong, without a solid perimeter surveillance approach any company or business is vulnerable. Read Now

  • The Key Issue

    The Key Issue

    It is February 2014. A woman is getting ready in her room on a cruise ship when she hears a knock on the door; it is a crewmember delivering breakfast. She is not presentable so she tells him to leave it by the door. Read Now

Featured Cybersecurity

New Products

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

  • SecureAuth

    SecureAuth

    The acceleration of digital transformation initiatives as a result of COVID-19 has created a lasting impact on how businesses empower their workforce and engage customers. 3

  • PDK IO Access Control Software

    PDK.IO Access Control Software

    ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3