Preparing for the GDPR: Introduction to a Series
The EU’s incoming General Data Protection Regulation will have far-reaching effects.
Quickly, do you know what the GDPR is? The General Data Protection Regulation goes into effect on May 25, 2018, for all companies based in the EU and for all companies that do business in the EU.
That’s right: even if you’re not in Europe, if your business has any kind of footprint there, you’re still obligated to follow the EU’s new rule. Ignoring it risks penalties, fines and even bans. Not to mention that other businesses will blacklist you rather than risk their own compliance.
Unfortunately, a great number of American companies that will be affected by this regulation seem to be unaware of it. That’s a problem because this is going to be an impactful rule when it comes into effect.
What is the GDPR?
The General Data Protection Regulation is a new set of EU guidelines for the processing, storage and management of personal information. While the entire regulation is over 80 pages, it basically boils down to this: the EU is imposing regulations and restrictions on what information can and can’t be processed and stored, as well as what notifications are required and what rights individuals have with regard to their own personal information.
At the core of the regulation is this position:
The protection of natural persons in relation to processing of personal data is a fundamental right.
The concepts and principles contained in the GDPR share the same DNA as what’s in the current Data Protection Act, so companies already in compliance with the DPA have a head start. The big difference is that the GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate accountability.
Essentially, you’ll be asked to provide legal justification for the processing of personal data, then you’ll need to audit your organization to document all information flows and where that information is being stored. From there, you’ll need to devise a notification system that alerts individuals when their personal information is being collected, requests consent in some cases, and gives them the right to have the information deleted then, or after a set period of time.
Does that sound like a lot?
That’s why we’re starting this series on GDPR preparations. Every Wednesday for the next month or so, we’ll run an article that discusses how different market segments will need to prepare for the May 25 deadline. The GDPR is incoming, and we’re here to help you Hash it Out.
Hashed Out GDPR Compliance Series:
- GDPR: Introduction to a Series
- GDPR: How it affects the Domain Industry
- GDPR: How it affects Web Hosts
- GDPR: Problems for ICANN/WHOIS?
- GDPR: Complying with EU-US Privacy Shield
- GDPR: What is a Data Protection Officer?
- GDPR: Best Practices for Privacy Notices
- GDPR: What you need to know about Cookies
- GDPR: What is the Right to be Forgotten?
- GDPR: How to perform a Data Audit
- GDPR: Encryption Best Practices
- GDPR: When to report a Personal Data Breach