GDPR: Here

GDPR: Here's What You Need to Know

The European Union will begin to enforce strict data security starting in May. Here's what you should know.

After a two-year transition period, the General Data Protection Regulation becomes enforceable on May 25, 2018. The looming deadline created by the European Union has created a headache for those who deal with personal data and it can be hard to wade through all the information to ensure that you are in compliance with the new regulation. Here's a breakdown of GDPR and why it is important to you, even if you are an American company just looking to do business in Europe.

What is GDPR?

The European Union's General Data Protection Regulation is a sweeping data protection law that not only affects European businesses, but all organizations handling the personal data of EU citizens. Moving forward, if a data breach is the result of noncompliance, companies will face unprecedented fines of up to €20 million (about $24 million) or four percent of global annual revenue for the previous financial year, whichever is higher.

Essentially, if you want to conduct business with Europe, you'd better comply.

The deadline for compliance is just months away at this point. Companies have already started to work towards the strict guidelines of the regulation, but if you are still wondering what you should be doing, here's three important steps for navigating GDPR:

Understand GDPR Requirements

GDPR is not easy to consume in one sitting. There are 99 articles in the table of contents and only some articles may apply to your business and/or industry more than others. If you don't have someone who is versed in the language of regulations, it can be a lot to handle on your own. You can't possible solve a problem if you don't even understand what the problem is.

To help with this, you should consider consulting with a compliance expert who can interpret the most critical parts of the regulation as they pertain to your company. The compliance expert can also help you set up critical procedures and policies that you must carry out if you are hit by a data breach, like Article 33 that says you must notify EU authorities and any citizen affected within 72 hours of a data breach being discovered.

Access Your Risk

Part of being GDPR compliant is the need of an entire map of your data footprint. Companies must determine where personally identifiable information resides and how it is being handled. Understanding how each piece of data moves through your company is critical, because then you can move towards identifying and creating plans for remediation, if needed.

The new GDPR will undoubtedly create new processes within departments that will impact flow and efficiencies, but having managers and employees involved in the risk assessment process from the beginning will minimize disruption while ensuring their understanding of their responsibility in data security.

Leverage GDPR to Improve Security Practices

It may seem like a lot of work to become compliant, but compliance doesn't equal security. Cybercriminals are constantly evolving and so should your security procedures. Use the upcoming GDPR deadline an exercise to evaluate and streamline all security processes and procedures and identify areas that need improvement. Find out if the current security you are using is enough to cover your gaps and keep data protected.

GDPR is the beginning of a new era of strict data regulations. Are you prepared?

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3