GDPR – What It Is & Why You Need To Be Prepared!
As we all battle on with the day to day activities of our jobs, it can be challenging to ensure that we’re on top of changes to regulations that might affect us. This it seems is very much the case when it comes to the general awareness for the planned introduction of the General Data Protection Regulation (GDPR). Having been in the European Commission’s think tank for nearly three years, GDPR is due to replace the outdated and somewhat limited EU Data Protection Directive.
Last month our vendor partner, Ipswitch File Transfer, announced the results of a European survey of IT professionals attitudes to regulations and compliance. The results indicated a shocking lack of awareness of GDPR across the board, and with the regulation due to come into effect late this year or early next; the clock is ticking.
GDPR is meant to unify and simplify data protection across 28 countries within the European Union (EU). Why should we be concerned? The range of its penalties are a little more extensive than the ICO monetary penalty maximum of £500,000 currently the most prolific threat to enterprises careless with their data. Under the GDPR, financial penalties of up to €100million (approximately £80m) or up to five percent of worldwide turnover, whichever is greater, for organisations that breach its rules.
Ipswitch’s survey highlighted some interesting statistics:
COMPLIANCE CHALLENGES AHEAD FOR THOSE WHO DON’T KNOW GDPR OR ITS TIMING
- 56% could not accurately identify what ‘GDPR’ means
- 52% admitted they were not ready for GDPR
- 35% confessed to not knowing whether their IT policies and process were up to the job
- 12% percent of respondents felt ready for the change
- 64% also conceded they had no idea when this regulation is due to come into effect
- 14% could correctly identify that the GDPR is due to come into effect in late 2014/early 2015
SO, WHAT DOES IT MEAN TO YOU AND YOUR COMPANY?
The security of personally identifiable data has never been more important and you are accountable for it. Review your policies and procedures for data processing. How are you moving data? Who has access to it? Where is it stored and is it secure in transit and at rest? How long do you need to retain data for? Do you have strong audit and reporting capabilities for the lifetime of your data?
If your B2B, file based workflows are home-grown and lack the controls, security features, audit and reporting capabilities needed in light of changes to EU data protection changes, we can help. Our managed file transfer consultants can help you to review your data transfer requirements to ensure that your data is secure in transit and at rest, and that you have the right controls over your data. Call the team now on 0333 123 1240 for an initial no-obligation discussion to see how we can help you.