Billed as “the most important change in data privacy regulation in 20 years”, GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions occurring within EU countries. To help your business to prepare for the regulation, which take effect in May of this year, we’ve put together the answers to some common questions:
The rules will apply to any business that offers goods or services to EU countries, or processes the personal data of citizens residing in the EU (regardless of where your company is situated).
Personal data may include: their name, a photo, an email address, bank details, content from social networks or a computer IP address.
The regulations will be strictly enforced, so it’s essential that your business complies or you could face a fine of up to 20 million euros (or 4% of your total worldwide annual turnover in the previous FY, whichever is higher) for severe infringements, or fines of up to 10 million euros (or 2% turnover) for less severe non-compliance.
The GDPR was approved by the EU Parliament in April 2016, with the regulation to take effect after a two-year transition period. Therefore, by 25th May 2018 companies that collect data on customers in EU countries will need to show that they comply.
If the new regulations will affect your business, then now is the time to identify what data you store and process for EU citizens, how it’s stored and what systems are used to process it.
For example, Cloudsource has added enhancements to our Managed Cloud platform to ensure that it meets the GDPR rules, including tighter encryption for live calls and the latest technology in call recording storage and compliance.
According to the Information Commissioner’s Office:
“Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA), so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently.”
The ICO has put together a helpful guide entitled “Preparing for the GDPR: 12 steps to take now” (PDF) detailing more ways in which the GDPR differs and how you can get prepared.
Cloudsource are here to help you assess your IT and communications infrastructure for GDPR compliancy and advise on next steps, so complete the form on this page to arrange your free evaluation with a member of our expert team. Once the form has been submitted, we’ll contact you to arrange a suitable date and time.
If you simply have a question about the regulation and how it will affect your business, contact us today.