How GDPR Affects Business

GDPR (General Data Protection Regulation) is new EU legislation on data protection that will replace the existing data protection regulation of the EU. This regulation will be implemented by each state in the European Union. It is expected to have a broad range of ramifications for enterprise companies across the EU.

GDPR – Key Questions Answered

Can Data leave the EU?

The physical location of data is still a controversial issue. The EU clearly states that you are allowed to physically move the personal information of EU citizens out of the union if the country in question has the same levels of data protection. However, Safe Harbor was deemed invalid by a court case in Ireland back in 2016 on account of the US Patriot Act, which applied when the information arrived in the US, making the information less secure for EU citizens. By the fall of 2016, the EU and the US devised a fresh agreement called Privacy Shield. Even with this new agreement, the issue of moving data out of the EU still lingers. GDPR plans to introduce a much higher degree of data security. However, there is still some doubt about how much data can be moved out of the EU.

What are the New Regulations for Data Management?

Other strict regulations GDPR will introduce cover data storage, data backup, and data management. GDPR has broadened the definition of ‘personal data’. One should be able to flag data that can be used, alone or combined with other data, to identify an individual. If the information you possess can identify an individual, then under GDPR, that individual has the right to ask you to delete it.

GDPR has also tightened up regulations around consent. Consent was required to collect data before as well; under GDPR, however, you need to show that you have properly explained what the information is being used for, and that controls are in place so the information will be used only for the stated purpose. This is expected to bring a higher degree of discipline to data management.

GDPR also asks you to store data only as long as you need it. The individual has the ‘right to be forgotten’, meaning that the individual's data must be completely erased if they ask. The new legislation will put regulations in place to erase data after a certain period of time. GDPR does not treat data stored before the legislation differently, and it has introduced the concept that personal information is not handed over; instead, it is loaned to you.

Will this Affect HR Data?

Yes, it will. It will also affect the terms and conditions of employment.

What about Data Breach, Data Security, Security Management?

The EU has introduced two particular items for data security. First, it has introduced data breach notification. Some states had this earlier, some didn’t. It now demands that companies notify users within 72 hours of discovery. Any data breach, irrespective of size, has to be reported. This becomes controversial for large companies such as retailers and banks, which have previously contained breaches that they refused to report but now have a legal responsibility to notify people. The other security aspect introduced by GDPR is that it requires security measures to be included in the design right from the start. This means that when starting a new IT system or other process, the privacy policy needs to be in place right from the start. GDPR has also substantially raised the fines that can be imposed on companies for failure to comply with the new legislation.

About The Author

Bob Samuels

Principal & Founder @ TechConnectr

Bob creates ‘double-mitzvah’ win-wins in B2B lead generation by utilizing analytics and strategic relationships. He has a strong background in finance, marketing optimization, and sales enablement. Before founding TechConnectr, Bob co-founded Los Gatos-based NetLine Corporation, a leading digital B2B marketing solution provider, where he oversaw the execution of hundreds of performance marketing programs from a wide range of clients, including Dell, Salesforce, Marketo, Microsoft, and IBM. At QuinStreet and Ziff Davis/Salesify, Bob was responsible for creating and nurturing strategic relationships with a variety of best-in-class data and marketing solution providers. He utilizes his Big-Four accounting and Fortune-500 business acumen to create success for all parties.
