The new EU GDPR Regulation applies to your company too! Are you ready?

GDPR (General Data Protection Regulation) is an abbreviation for Regulation (EU) 2016/679 of the European Parliament and of the Council on personal data protection. This Regulation will become effective and organizations will be obliged to comply with its requirements from 25 May 2018.

 

Who does the GDPR apply to?

The regulation applies to the vast majority of institutions: larger corporations and smaller companies, if, for instance, they process any customer data, use the data for marketing purposes, monitor their customers’ behaviour, or have a camera system or an e-shop. It includes all organizations that have an employee attendance system, customer or job seeker databases, data or contract backup and archiving systems, or those that use data encryption. In practice, that means all businesses that have personal data stored on their servers, send data over networks to data repositories, and use various applications.

 

What does it mean for you?

Some of the main obligations under the GDPR include:

  • Adopting measures that prevent general and personal data loss
  • Preventing unauthorized access to personal data
  • Introduction of personal data anonymization
  • Obligation to designate a Data Protection Officer
  • Ensuring safe erasure/discarding of personal data
  • Managing and monitoring of personal data processing activities
  • Making the personal data processing systems resilient to failures and data loss
  • Ability to identify, analyse and document security incidents in a timely manner
  • Regular testing of personal data security
  • Introduction of general and personal data encryption 

How much time do you have left?

Your company is obliged to implement the GDPR measures by May 25, 2018, when the EU regulation will start to apply. After this deadline you may be subject to a fine of up to €20 million or 4% of your annual revenues. Do not wait for a “magic tool” that would take care of the full GDPR compliance. GDPR compliance is a very complex matter and you can most effectively address it by starting right now.

 

We will help you with the GDPR

To this end, our team of experts specializing in the implementation of the GDPR in Europe has created a SOITRON GDPR Consultancy Programme. First, we will map your current situation and any changes that need to be made. Next, we will produce all necessary documents, risk analysis and a recovery plan. We will recommend solutions to meet your personnel, process, and technical requirements. We will help you introduce internal processes, deploy necessary technologies and conduct many other activities in compliance with the GDPR legislation.

If you want to learn more about the GDPR, need assistance with the GDPR, or would just like a non-binding consultation, contact us at gdpr@soitron.com or via the contact form.

For more information see also our product sheet.
