With the impending EU General Data Protection Regulation coming to take the world by storm, there is a bit of confusion as to which companies are required to hire a Data Protection Officer (DPO).
The EU General Data Protection Regulation is causing headaches in C-suites across the world. This regulation aims to protect all European citizens from privacy and data breaches, and secure their information. Information security and risk management is a top issue for CIOs. The impending regulation is a top concern for US companies too, with some 77% of companies willing to spend $1 million or more on GDPR readiness plans or, worse, shut down their European operations to protect themselves from expensive penalties.
On May 25th, 2018, the European Union’s General Data Protection Regulation goes into effect. The GDPR introduces many new data accountability obligations, data restrictions, and security parameters that every business in the world that processes European citizens’ information must comply with.
The General Data Protection Regulation will be enforced globally on May 6, 2018. Technically, your enterprise has until then to comply with the strict regulations. We’ve outlined the 6 major changes that the GDPR will bring to your company in this previous blogpost. Even if your company is not located within the European Union, if you process the personal data of European citizens, your company must comply (see Art. 3 GDPR).
The focus of today’s blog is on GDPR penalties for failure to comply.
Time is counting down to the GDPR enforcement date - 25 May 2018. As of today, organizations worldwide have around 8 months to be fully compliant with the European General Data Protection Regulation.
This is what industry leaders are saying about the impending regulation:
Many companies incorrectly believe that the GDPR doesn’t affect organizations outside of the European continent. Nothing could be more incorrect.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect all organizations that handle Europeans' personal data - no matter where it is stored - Ohio, Singapore, or São Paulo.
In our third and final blog in the series, "Mastering the GDPR with Enterprise Architecture," we highlight the 5 steps to GDPR compliance.
There's no question - the European Commission cares about the protection of your data. From early 2012 until now, the European Commission, the Council, and the Parliament have continually met to update the laws and regulations regarding the data protection of its citizens.
In this article we summarize the history of EU data protection.