Not the General but the “Global” Data Protection Regulation

May 1, 2017

Protecting personal data has been an important issue in the European Union for more than 20 years. And the recently ratified General Data Protection Regulation, known as GDPR, takes data protection to an entirely new level. Get ready for the “Global Data Protection Regulation”.

A new set for all

The GDPR is applicable to almost every organization around the world that collects or processes data on residents domiciled within the EU. This includes permanent residents, visitors, and expatriates.

Compliance is thus predicated on the geographical location of the individuals about whom an organization holds personal data, not the domicile of registration for the organization.

This represents a significant change in how organizations must protect the personal data of anyone domiciled in the EU. It may have implications for how they protect the personal data of non-EU residents, as well. Hence, the “General” Data Protection Regulation could better be called the “Global” Data Protection Regulation. In light of the financial penalties associated with non-compliance, it requires serious attention and action from all organizations doing business across Europe (including the United Kingdom post-Brexit), both in the EU and in the European Economic Area (EEA).

Key takeaways

The Osterman Research white paper GDPR Compliance and Its Impact on Security and Data Protection Programs, provided by CipherCloud, offers notes for organizations that collect or process personal data on EU residents. These organizations must comply with the new regulation, or they will face significant financial penalties and reputational damage.

Some of these takeaways are:

  • The GDPR is focused on the protection of personal data, not merely the privacy of personal data. Complying with the protection mandate requires a higher degree of proactive and far-reaching effort on behalf of organizations that control or process personal data. Fewer than 60% of companies are sufficiently familiar with the wide scope of the regulation and penalties; only 10% feel ready.

Global Data Protection Regulation Confidence

  • Complying with the GDPR requires both organizational and technological measures in response.
    • Technological measures for protecting personal or sensitive personal data include data classification, data loss prevention, encryption, managing consent more explicitly, data transfer limitations, and technologies that enable data subjects to exercise their rights to access, rectify, and erase personal data held by data controllers (subject to certain conditions).

Learn more about the “Global Data Protection Regulation” by downloading the CipherCloud report here.


Want to know more?

In AKT’s white paper on the General Data Protection Regulation, learn about what has spurred the EU to follow this track and how these “new” regulations shouldn’t have taken any organization by surprise.
