This document discusses the General Data Protection Regulation (GDPR) which imposes new rules on organizations that offer goods and services to people in the European Union or collect and analyze EU resident data. It notes that more data has been created in recent years than the previous 5000 years of humanity. The GDPR enhances personal privacy rights, increases duty to protect data, and mandates breach reporting with significant penalties for noncompliance. Benefits of complying with the GDPR include improved business reputation and customer loyalty through greater data security, and more accurate data through customer validation.
7. The GDPR is the most significant change in data
protection for twenty years.
Enhanced personal privacy rights
Increased duty for protecting data
Mandatory breach reporting
Significant penalties for non-compliance
The General Data Protection
Regulation (GDPR) imposes new
rules on organizations that offer goods
and services to people in the European
Union (EU), or that collect and analyze
data tied to EU residents, no matter
where they are located.
Beyond Encryption & LAN2LAN believe the GDPR is an important step forward for clarifying and enabling individual privacy rights
17. Why do we have this new GDPR legislation? Well,
because of this guy.
"Like anyone would be when you tell them they're right, I'm happy,“
- Mario Costeja Gonzalez
24. • Where is your data?
• Who is processing it on your behalf?
25.
26.
27.
28.
29.
30.
31.
32. The driving force? The current law does not reflect
the technological developments that can impact on
consumer data privacy, such as social networks and
cloud computing.
In your consumer life, you are giving your personal data to companies all the time.
Given what you know about business IT, do you think your details are really safe?
Companies take Health & Safety and Fire Safety as standard. The GDPR ensures
companies treat information governance and data protection as standard too.
The world is changing and we must protect breaches. Note, many incidents of
cyber security breaches in the news…
33. What the ICO really want
“…to see comprehensive data protection
programmes as the norm, organisations better
protecting the data of citizens and consumers, and
a change of culture that makes broader and
deeper data protection accountability a focus for
organisations across the UK”.
- Elizabeth Denham, Information Commissioner
34. Is this a good thing?
Improved Business Reputation
Major data breaches have made global headlines, but the problem of data protection is a lot bigger when smaller companies are considered. In the Cyber Security
Breaches Survey 2017, an annual report published by the UK’s Department of Culture, Media and Sport, about 70% of large UK firms were found to have suffered a cyber
attack. With the threat of attack so high, being certified as GDPR complaint is going to be a major plus in marketing terms, boosting your business’s reputation as secure in
the eyes of potential customers.
‘Cyber Safe’ Means Greater Customer Loyalty
With a reputation for being ‘cyber safe’ such a major boon for businesses of all sizes, it’s clear that better cybersecurity will greatly improve loyalty amongst existing
customers. The consequence of the alternative was highlighted by a FireEye report published in the US in 2016, where 76% of consumers who responded admitted they
were likely to take their business elsewhere if a company was guilty of negligent data handling, and 75% saying they would stop buying from a company that suffered a
data breach following boardroom failure to prioritize cybersecurity. A further 59% confirmed they would take legal action if their personal details were stolen and then
used for criminal purposes
More Accurate Data
Getting GDPR-ready will improve the accuracy levels of data stored in a company’s database because it will allow customers not just to access their personal data, but to
inspect and validate the stored information. This right already exists, but since the new regulations will require data controllers to rectify any identified errors they are told
about, it means the accuracy of data stored will be greatly improved.
Increased productivity
When employees know the rules, data is shared appropriately and efficiently.
Greater Data Security Globally
While consent is a key factor in the GDPR, and this legislation is focused primarily within the EU, it has taken into account the need to protect individuals whose data is
transferred to a third-party country of organization outside the EU. But, such transfers can only be done where the third-party provides legal and contractual agreements
to protect the rights of the ‘natural person’ (individual). Transfers are permitted without this condition in certain circumstances, but doing so in response to a legal request
or requirement from a third country is not one of them. The result is, again, a much high level of consumer and client trust.