30. December 2017 02:07
A large amount of customer information is collected each day. Even slight carelessness in managing sensitive customer information can cost a business dearly. The General Data Protection Regulation (GDPR) is a new standard that provides a set of rules with which companies operating or doing business in Europe must comply. The European Parliament adopted it on April 14, 2016 with the intent of protecting customers' personal and private information.
The soaring number of data breaches validates the importance of and need for GDPR. It comprises a total of 99 articles and will regulate data protection laws and policies. According to reports by Ovum, a London-based analyst and consultancy firm, two-thirds of U.S. companies might have to reconsider their strategy in Europe owing to GDPR.
What Will Change –
Businesses (including US businesses operating in Europe) will now have to be extra careful while managing customer data such as an individual's IP address, social security number, name, cookie data, etc. Stringent state rules will now govern a company's customer data protection policies. GDPR will come into force on May 25, 2018, and companies not adhering to it will have to pay a hefty fine.
Which Companies Will GDPR Affect –
A business or company that -
- Operates in Europe
- Processes personal data of European citizens
How To Prepare Your Company For GDPR –
The Information Commissioner's Office (ICO) has come up with a guide that companies can follow to prepare themselves for GDPR –
- Make your staff aware of GDPR.
- Systematically organize, manage and share the customer information you hold.
- Review your current privacy policies and make necessary changes to harmonize them with GDPR.
- Check your procedures and make sure that they cover all the rights individuals have.
- Update your procedures and decide how you will handle requests within the new time frame.
- Decide the lawful way to process personal data.
- Check whether your consent-seeking mechanism complies with the rules of GDPR.
- As per GDPR, you need parental consent to process a child's personal data, so set up a system through which you can verify an individual's age.
- Ensure that you follow an appropriate and quick mechanism to detect and report a data breach.
- Get well acquainted with the ICO's code of practice on Privacy Impact Assessments.
- Hire someone to act as the Data Protection Officer, whose main role would be to check whether data protection policies are being complied with.
- Determine your lead data protection supervisory authority.
Enforcement of GDPR would mean fewer data breaches, which will ultimately benefit end users by protecting their private and confidential information. It is a revolutionary step by the European government in the best interest of its citizens, and US-based companies operating in Europe will have to make the required modifications to their policies and online applications in order to adhere to the norms.
For more information, contact Centex Technologies at (972) 375 - 9654.