The biggest change in data protection laws in 20 years will go into effect in 2018. In 2016, the EU Parliament officially adopted the General Data Protection Regulation (GDPR), paving the way for a new age of data protection for consumers and tighter regulations for businesses. Organisations, including U.S. multinationals that handle EU personal information, will soon be required to comply with tougher rules to prove they’re actively protecting personal data. The European Union has been working on this data protection requirement for years. In December 2015, the working group involved published a new framework for data protection and security of customer information. The General Data Protection Regulation, or GDPR, applies to all companies doing business with customers in Europe.
For all companies that do business in Europe, GDPR will come into force in early 2018, giving their IT teams two years to prepare.
There are five main points to consider:
- Data protection should be included by design within all customer data management implementations
- Every consumer will have easier access to any data saved about them
- Every consumer will have the right to know if and when data on or about them has been hacked
- Every consumer will have the “right to be forgotten,” where data can and should be deleted once it is no longer necessary
- Not meeting these areas can carry a financial penalty of up four per cent of global turnover, which includes all cash revenue that a company generates during a year
Using CX:inSync for GDPR compliance and to protect and manage your data
CX:InSync can track the creation of new files on laptops or mobile devices and automatically ensure that files containing customer data and PII are protected in accordance with company rules. This offers companies:
- Centralized visibility as to what is on devices and cloud services to assess and mitigate their data risks.
- Tools to help track and identify the potential for data leaks by alerting organizations of potential data risks on devices and cloud services.
- The ability to remotely wipe data on mobile devices to minimize exposure risks if a device is lost or stolen
- Help companies know what is on a device that was lost or stolen to assess level of exposure.
- Enforce encryption on devices (not all) to protect the files stored on them in the even the device isn’t already encrypted.
From a cloud perspective, CX:InSync can securely store the data we collect in the EU region to aid with recovery and deeper data assessment.
Follow these guidelines to get ahead of regulatory requirements when doing business with European customers, as well as cutting your data protection and disaster recovery costs.
Please contact Servnet to find out more about CX:Insync and how it can protect and manage your data while providing GDPR Compliance.