Preparing for the GDPR: Introduction to a Series
The EU’s incoming General Data Protection Regulation will have far-reaching effects.
Quickly, do you know what the GDPR is? The General Data Protection Regulation goes into effect on May 25, 2018 for all companies based in the EU and for all companies that do business in the EU.
That’s right: even if you’re not in Europe, if your business has any kind of footprint there you’re still obligated to follow the EU’s new rule. Ignoring it risks penalties, fines and even bans, not to mention that other businesses will blacklist you rather than risk their own compliance.
Unfortunately, a great number of American companies that will be affected by this regulation seem to be unaware of it. That’s a problem because this is going to be an impactful rule when it comes into effect.
What is the GDPR?
The General Data Protection Regulation is a new set of EU guidelines for the processing, storage and management of personal information. While the entire regulation is over 80 pages, it basically boils down to this: the EU is imposing regulations and restrictions on what information can and can’t be processed and stored, as well as what notifications are required and what rights individuals have with regard to their own personal information.
At the core of the regulation is this position:
The protection of natural persons in relation to processing of personal data is a fundamental right.
The concepts and principles contained in the GDPR share the same DNA as what’s in the current Data Protection Act, so companies already in compliance with the DPA have a head start. The big difference is that the GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate accountability.
Essentially, you’ll be asked to provide legal justification for the processing of personal data. Then you’ll need to audit your organization to document all information flows and where that information is being stored. From there, you’ll need to devise a notification system that alerts individuals when their personal information is being collected, requests consent in some cases, and gives them the right to have the information deleted, either then or after a set period of time.
Does that sound like a lot?
That’s why we’re starting this series on GDPR preparations. Every Wednesday for the next month or so we’ll run an article that discusses how different market segments will need to prepare for the May 25 deadline. The GDPR is incoming, and we’re here to help you Hash it Out.
Hashed Out GDPR Compliance Series:
- GDPR: Introduction to a Series
- GDPR: How it affects the Domain Industry
- GDPR: How it affects Web Hosts
- GDPR: Problems for ICANN/WHOIS?
- GDPR: Complying with EU-US Privacy Shield
- GDPR: What is a Data Protection Officer?
- GDPR: Best Practices for Privacy Notices
- GDPR: What you need to know about Cookies
- GDPR: What is the Right to be Forgotten?
- GDPR: How to perform a Data Audit
- GDPR: Encryption Best Practices
- GDPR: When to report a Personal Data Breach