By Patrick Lastennet, Director of Marketing & Business Development, Interxion
The countdown to the General Data Protection Regulation (GDPR) has left global businesses uncertain about what the future holds. With just eight months to go, the latest figures show that, quite worryingly, 37 percent of global organizations are unsure whether they need to comply with the GDPR. Short answer: Any company that stores or processes personal information about EU citizens must demonstrate compliance. Penalties for noncompliance are steep, and the window for reporting a breach is just 72 hours.
As time runs out to prepare for the May 25, 2018, launch date, the lack of clarity and communication around GDPR among businesses is becoming more evident. The aforementioned report also shows that 44 percent of global businesses don’t know how close their organizations are to compliance. Recent research by analyst firm Gartner already revealed that over half of companies affected by the GDPR will not be in full compliance with its requirements by the looming deadline.
Over the summer period, three key news announcements emerged in an attempt to make sense of what the GDPR will entail for global businesses. If you, or your customers, are just starting to pay attention, here’s a summary of news you may have missed but should be aware of.
A new bill in the U.K. confirmed that Brexit doesn’t mean businesses can get away with GDPR non-compliance come May 2018. The United Kingdom has been one of the more active European countries in relation to GDPR enforcement, as it released plans for a new U.K. Data Protection Bill as a first step in bringing the GDPR into U.K. law. The legislation will also be maintained after Brexit and will go into effect on May 25, 2018, confirming that businesses can’t assume that Brexit will get them out of complying. For U.S. businesses, the major difference is the need to correctly handle movement of data between countries and also customers’ “right to be forgotten,” which means companies need to consider how they coordinate centrally as well as store locally.
The U.K. information commissioner called for “less scaremongering” about hefty fines post-GDPR. In the first of a series of blogs on GDPR meant to “dispel myths,” commissioner Elizabeth Denham states: “it is scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm.”
My advice to U.S. businesses is, don’t be tempted to “wait and see” whether the rules are strictly enforced, or enforced differently in some countries than others. Customer data must be safeguarded now, and the GDPR rules aren’t luxuries — they’re solid best practices that every company should be following. Spend the time now securing your and your clients’ end-customer data, and don’t run the risk of …