The General Data Protection Regulation (GDPR) comes in to play in May 2018, which will see a complete overhaul of how businesses protect and store your data, replacing the old data protection directive from 1995. The GDPR is being introduced due to advancements in technology and the Internet, and the need for a greater amount of protection to everyone’s data and personal information.
New Consumer Rights
Consumers will have a whole new bunch of rights to access the information that business have about us, whilst making these companies store their data more effectively and safely. That is why some companies will consider using an IBM flash storage system, to make sure that their processing systems are up to the job if they have thousands of clients’ details to look after.
In the 80’s and 90’s, the world saw an unexpected explosion in the use of computers, which changed how data was collected (when compared to the old paper and file system). The legislation at the time was not effective at all, especially as each country’s laws concerning data protection differed from one another. This is when the data protection derivative of 1995 was introduced. This made countries within the EU me more rigorous with minimum standards on data protection.
It’s a Law, Not a Suggestion
The GDPR is now being introduced to take over from the data protection derivative of 1995 and is going to be a regulation, not a derivative. This means that it will be law instead of a list of minimum requirements.
The GDPR has hundreds and thousands of amendments due to jurisdictional requirements or small issues. It took years to create and means that anyone who holds data on an EU citizen must comply with this regulation.
Besides pushing new requirements on businesses and organizations collecting personal data, the GDPR also gives individuals a lot more power to access the information that these companies have about them. At present, a Subject Access Request (SAR) allows businesses and public bodies to charge £10 to access information held about them. Under the GDPR, this is being scrapped and requests for personal information can be made free-of-charge.
Preparation for Data Breach
You can prepare for GDPR by reading the ICO’s 12-step guide, covering a variety of topics you must think about before the GDPR comes in to play. These topics include modernizing procedures related to subject access areas and what should happen in the event of a data breach.
If this sounds like something you haven’t got the time to do, there are numerous companies out there who offer to help your business with all of its GDPR compliance. That will ensure that you get it done right the first time so you don’t have to pay a fine for any mistakes!