The European Union (EU) General Data Protection Regulation (GDPR) is being touted as “the most important change in data privacy regulation in 20 years.” The GDPR was approved in April 2016 to replace the Data Protection Directive 95/46/EC and has been enforced from the beginning May 25, 2018. The regulation stipulates that businesses must protect EU citizens’ personal data and privacy for transactions occurring within EU member states. Thus, any company doing business in Europe needs to comply with GDPR. Moreover, GDPR rules apply to controllers and processors, so clouds are not exempt from enforcement.
Organizations not in compliance will face hefty fines; a breach can result in an organization being listed in Art. 83(5) GDPR, the fine framework can be up to 20 million euros, or in the case of an undertaking, up to 4 % of their total global turnover of the preceding fiscal year, whichever is higher. But even the catalogue of less severe violations in Art. 83(4) GDPR sets forth fines of up to 10 million euros, or, in the case of an undertaking, up to 2% of its entire global turnover of the preceding fiscal year, whichever is higher.
The question is, are you complying with the General Data Protection Regulation requirements? Organizations are required to put systems and processes in place to comply, and they need to consider new standards for protection as the GDPR redefines personal identification information (PII). Keep in mind that you need to protect a person’s IP address and cookie data just as you do their home address and health data.
GDPR requirements change the way you process, store, and protect customers’ personal data. Companies need solutions for assessing, implementing, and maintaining GDPR compliance, and that’s where our most popular GDPR software tools and solutions come help our customer. We have cloud and on-premises solutions, and we included a few free assessment tools to give you a launching point for GDPR compliance. Our solution provides security tools, assessment, data governance & management tools, and user consent & compliance tools.