May 2, 2018
GDPR is a way to strengthen data security for everyone in the EU. The regulation also addresses the export of personal data outside the EU, as long as the individual originally resides in the EU.
This modern program aims to give EU citizens and residents private control over all the data they own. It also simplifies the regulations that international businesses need to follow, since GDPR unifies regulation for these businesses within the EU. The regulation will replace the Data Protection Directive of 1995 once it becomes enforceable on May 25, 2018. Non-compliance with the regulation will therefore be very costly for companies.
GDPR was nothing more than a proposal six years ago, on January 25, 2012. An orientation vote for its approval was held on October 21, 2013, by the European Parliament Committee on Civil Liberties, Justice and Home Affairs.
On December 15, 2015, negotiations between the European Council, Commission and Parliament began in order to push the implementation of the program. The positive outcome finally set things in motion for its adoption. Still, it had to go through a lot of procedures.
Eventually, the GDPR was adopted by the European Parliament on April 14, 2016, as an effort to replace the Data Protection Directive of 1995, since the former regulation was too outdated. It applies from May 25 this year.
The GDPR is a promising regulation that will surely make people comfortable enough with data for it to become a part of every EU citizen’s lifestyle. It was proposed in the first place to resolve public concerns over information privacy, given that the internet was still brand new to a lot of people in 2012. It was proposed just as the internet became an extended establishment for businesses and consumers began to take advantage of e-commerce and online marketing. Over time, data breaches have become more severe, and they can compromise a lot of information belonging to a lot of people.
Nowadays, data is very valuable. Banks, government and parliament agencies, as well as many businesses, have moved onto the internet for its convenient and user-friendly features. Hackers can now steal high-profile data from businesses and other offices through the use of computers and phones.
An RSA survey confirms this. It concluded that consumers are scared about the lack of protection for the data they provide. RSA surveyed 7,500 consumers in France, the UK, Italy, Germany, and the USA. 80 percent of the respondents said that financial data is a huge concern, next to stolen banking data (e.g. credit card information). Lost security information such as passwords, and other identity data such as licenses and passports, were also cited as concerns by 76 percent of the surveyed respondents. It also noted that 62% of the respondents said that they would blame the company and banks for lost data. Stolen identities will thus also affect government offices if the data regulation is as weak as the one implemented in 1995.
The lack of trust in some neglectful companies has also caused consumers to devise their own strategies. The survey indicated that 41% of the respondents are willing to falsify data when signing up for online services. Unwanted marketing and the reselling of data are the root concerns behind this response from consumers. 27% of the US respondents even mentioned boycotting a company or employer if data protection is neglected.
Every Precious Data Will Be Protected
Based on these results, the GDPR could be a major requirement for providing data security in our modern era. The GDPR is well prepared, as it can protect private data such as the following:
The GDPR will also affect all companies that collect personal information within the EU. This even includes employers. All of these types of businesses must therefore comply with its requirements and rules. Otherwise, legal sanctions will be imposed. The following criteria can help a business conform to the new regulation:
The GDPR defines several roles that ensure compliance. Staff such as the data controller, data processor, and data protection officer (DPO) are the ones who will regulate the companies.
A data controller will monitor whether outside contractors comply with the regulation. Data processors will be internal staff who observe, maintain and process personal records, as well as outsourcing companies that also handle the personal data. The GDPR will hold processors liable for any breaches and non-compliance. Additionally, both the company and a data processing party, such as a cloud service, can be held liable as well.
A DPO will be designated to oversee the security of the collected personal data. All companies under GDPR will require a DPO when processing large amounts of data. However, some public services such as law enforcement can gain an exemption because they handle very sensitive information.
GDPR is truly beneficial in this modern world, not just for citizens but also for businesses, since their data can be misused too. The regulation places equal liability on data controllers and processors.
Note: Third-party processors that are not yet in compliance will also need to comply with the regulation.
You can also say that GDPR is stricter than the old data regulation. But that’s just the way it is, since data regulation had not been updated for more than two decades. However, one thing is for sure: data is very valuable. That’s why this regulation was proposed in the first place. Once again, all of this will be implemented by May 25, 2018. Companies should therefore prepare to meet the requirements while there are still some days left.