Access can help your organization determine the next steps towards achieving GDPR compliance. Contact us today to learn more about how we can help you protect information.
Make sure your procedures are clear and ensure all team members know how to respond.
The GDPR is the new data protection law that went into effect across the European Union on May 25, 2018. Replacing the current Data Protection Directive established in 1995, the General Data Protection Regulation aims to protect the data privacy of all EU citizens with statutes to align with today’s data-driven world.
In a world where data breaches and cyber crimes are a regular occurrence, the way organizations approach data privacy must grow and evolve with these ever-changing threats. The GDPR aims to change the way organizations across Europe collect, use and transfer EU citizens’ personal information.
Even if your business is not located in Europe, the GDPR applies to any company that processes the personal data of EU citizens. Organizations that do not comply by the May 25th deadline risk facing fines as high as $20 million euro or up to 4% of their annual global turnover.
Companies will also be required to obtain consent in a clear, distinguishable fashion, as well as offer consumers the ability to easily withdraw their consent. In the event of a data breach, organizations will be required to notify the public within 72 hours of becoming aware of the breach.
To protect the privacy and personal information of consumers in the EU, the GDPR also expands the rights of EU citizens.
In order to ensure compliance with all of the GDPR requirements, thorough preparation is essential. To be successful in implementing a data privacy initiative, companies must:
Discuss the impact the GDPR will have on your business’ daily operations with other leaders and decision makers, then a plan of action can be put into place.
Do you know where your organization collects data or how it is stored and shared? Conduct an information audit to learn where you need to make changes, then work on clearly defining your policy.