{"id":3582,"date":"2018-04-25T11:00:20","date_gmt":"2018-04-25T05:30:20","guid":{"rendered":"https:\/\/www.rincon.co.in\/site\/?p=3582"},"modified":"2022-02-28T18:48:08","modified_gmt":"2022-02-28T13:18:08","slug":"reblog-gdpr-is-coming-into-effect-on-may-25th-of-2018","status":"publish","type":"post","link":"https:\/\/www.rincon.co.in\/site\/reblog-gdpr-is-coming-into-effect-on-may-25th-of-2018\/","title":{"rendered":"Reblog: GDPR is coming into effect on May 25th of 2018."},"content":{"rendered":"\n
\n
\n

As you may have already heard, The General Data Protection Regulation (GDPR), one of the most sweeping data regulations the world has known, is coming into effect on May 25th of this year. GDPR will affect businesses on a global scale, yet a surprising number of organizations remain unprepared.<\/p>\n<\/div>\n\n\n\n

\n
\"\"\/<\/figure>\n<\/div>\n<\/div>\n\n\n\n

Once GDPR is enforced, companies around the world who are found to mishandle, exploit, or lose EU citizen\u2019s personal data will face huge penalties including up to 4% of the companies\u2019 annual revenue. Businesses can also face penalties depending on whether and how they inform customers when they\u2019re hacked. Despite the risks of not being GDPR compliant, a government survey conducted just a couple of months ago in the UK revealed that a only 38% of businesses say they had heard of the GDPR, and among them, only a quarter had started making changes to their operations to get prepared. Since the GDPR act will be passed in the EU as a measure to protect its citizen\u2019s data, one can only imagine the b pace at which the majority of North American companies are moving towards compliance.<\/p>\n\n\n\n

With more than 35 years\u2019 experience in the high-tech and unified communications sector, AVST General Manager Tom Minifie has seen his fair share of regulatory compliance shifts, as well as their impacts on organizations. During his educational session, GDPR: Impact on Security from EU to the US, at Enterprise Connect last month, Tom discussed a few of the key concepts outlined in the GDPR, their impact on organizations, and practical ways that companies can work toward compliance.<\/p>\n\n\n\n

1. Consent: The New Gateway to Obtaining and Storing Personal Data<\/h3>\n\n\n\n

One of the major requirements under GDPR is that businesses will have to obtain consent from EU citizens when obtaining their personal data. Businesses will also have to be transparent with the intended purpose of holding onto said data \u2013 much of which will involve developing new, clear privacy policies that cover data retention and storage guidelines.<\/p>\n\n\n\n

\u201cEach individual that does business with you, that causes an occasion for you to collect personal information associated with them, they\u2019ve got to be able to opt-in, essentially. Somebody that goes to a website and wants to order something, they know that they\u2019re providing you with some personal information. They\u2019re entering a credit card number, and they know why they\u2019re doing that, but that doesn\u2019t mean you can hold onto that [data],\u201d said Tom Minifie. \u201cTypically, online, you\u2019re going to be able to opt-in [\u2026] Those are the kinds of transactions that are absolutely mandatory.\u201d<\/p>\n\n\n\n

Becoming more transparent and asking for consent during any transaction where personal data is obtained will look different for each organization. While institutions in the healthcare, government, and finance sectors may be ahead of the game when it comes to communicating the why\u2019s and how\u2019s of obtaining personal data, the implications of the GDPR act are far wider reaching. This means retail stores will need to be clear when they ask for customer email addresses at the check-out, NPOs will need to be upfront when obtaining consent for personal info used for surveys, and more.<\/p>\n\n\n\n

2. Redefining Key GDPR Terms: Processor and Data Controller<\/h3>\n\n\n\n

When first learning about GDPRdata processor and data controller as positions with a company. , perhaps only unique to larger enterprises requiring their expertise, Tom Minifie points to a much broader definition:<\/p>\n\n\n\n

\u201cEssentially, any cloud provider is a processor. Anyone that\u2019s processing data, may not be holding onto that data or doing anything with it for their own purposes, but if it\u2019s flowing through their resources, then they\u2019re a processor.<\/p>\n\n\n\n

AVST is a processor. We\u2019ve got a number of cloud solutions for our customers. We host some communications solutions, and we have a security solution that people can use. As they\u2019re using our hosted service, we are a processor when it comes to those companies. The data controller is the company itself.\u201d<\/p>\n\n\n\n

Some companies do in fact have data processors and controllers on staff, but for any organization who processes personal data, it\u2019s the company as a whole\u2019s responsibility, not just at the level of management and compliance-dedicated employees, to ensure that personal data is handled with utmost care.<\/p>\n\n\n\n

3. Important Questions to Consider<\/h3>\n\n\n\n

Lastly, Tom offered some advice to in the form of crucial questions for companies who are beginning to have conversations about achieving GDPR compliance:<\/p>\n\n\n\n

\u201cFirstly, evaluate. What personal data do you actually have? What personal data are you storing, and what\u2019s the purpose of that? Do you have a privacy policy so that any individual that you\u2019ve got access to their personal data, do they understand through your privacy policy why you have that data? What data do you have, and why do you have it? What\u2019s your use for that? Do you have High Availability\/Disaster Recovery business continuity practices in place? Can you stand up and say \u201cLook, we\u2019re the protector of this data, and we\u2019re not going to lose that data?\u201d Even with an IT failure where you\u2019ve lost a server or whatever, that data that was stored there, it\u2019s not good enough to say, \u2018Well, it\u2019s gone.\u2019 That\u2019s not okay. You have to be able to recover that data as well.\u201d<\/p>\n\n\n\n

When a major regulation that forces companies to reconsider how they obtain, handle, and process data like GDPR is looming, it can be intimidating for organizations of all sizes. Sometimes, the best way navigate through the complexity of a new regulation is with an honest appraisal of where your organization currently is. Then to take steps, not necessarily great leaps, on your journey towards compliance.<\/p>\n\n\n\n

The original article can be found here.<\/a><\/p>\n\n\n\n

To learn more contact us sales@rincon.co.in<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

As you may have already heard, The General Data Protection Regulation (GDPR), one of the most sweeping data regulations the world has known, is coming into effect on May 25th of this year. GDPR will affect businesses on a global scale, yet a surprising number of organizations remain unprepared. Once GDPR is enforced, companies around […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_uag_custom_page_level_css":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[67],"tags":[351,466,512,514,513],"class_list":["post-3582","post","type-post","status-publish","format-standard","hentry","category-blog","tag-disaster-recovery","tag-gdpr","tag-general-data-protection-regulation","tag-high-availability","tag-personal-data"],"aioseo_notices":[],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"Blogger","author_link":"https:\/\/www.rincon.co.in\/site\/author\/rincon\/"},"uagb_comment_info":0,"uagb_excerpt":"As you may have already heard, The General Data Protection Regulation (GDPR), one of the most sweeping data regulations the world has known, is coming into effect on May 25th of this year. GDPR will affect businesses on a global scale, yet a surprising number of organizations remain unprepared. Once GDPR is enforced, companies around…","_links":{"self":[{"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/posts\/3582","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/comments?post=3582"}],"version-history":[{"count":0,"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/posts\/3582\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/media?parent=3582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/categories?post=3582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rincon.co.in\/site\/wp-json\/wp\/v2\/tags?post=3582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}