What to Know: General Data Protection Regulation

Author: Chris Alex / Tuesday, September 04, 2018 / Categories: SNI Companies, SNI Technology

GDPR, or “General Data Protection Regulation”, is the European Union’s new data privacy law. The regulation was passed in 2016, but enforcement began in May 2018. While it was created in and for the EU, it will affect American companies that meet the following criteria: organizations registered in the European Union, and those that sell goods or services to EU citizens and, in doing so, monitor the personal data of EU customers. Realistically, most US-based companies meet these qualifications and therefore must become well acquainted with GDPR. Below is a deeper dive into what this law entails and the requirements businesses must meet to become GDPR compliant.

The Details
The decision to pass the General Data Protection Regulation was driven by many motives and a backlog of experiences. Although the law itself seems complex, the goal is simple: to increase protection for individuals by setting restrictions on those handling their personal data, specifically regarding the security parameters around what consumer information is stored and how. In a society that is slowly but surely converting everything to the digital world, it is essential to align aspects such as privacy laws with technology advancements. Protecting consumers and their security is just as important as protecting your organization. Below are the boxes to be checked in order to reach GDPR compliance.

The Necessities
If you are an organization with a presence in the EU, either physically or by selling goods from afar, the GDPR will soon bring a new age of transparency in data collection and storage to your business, if it has not already. In order to avoid hefty fines and a lot of unwanted trouble, companies must become compliant with this new regulation. What does that mean? Essentially, there are actions you must implement, on both the frontend and the backend, to ensure the business is completely covered should there be a security breach.

An organization’s data controller, data processor and data protection officer are the three parties responsible for obtaining and proving compliance. These individuals or groups must start by accessing all data sources to see what information is being stored, no matter the technology source.

The first step to becoming GDPR compliant is being able to show where consumers’ personal data is and where it is not. From there, all stored data must be investigated to understand what is actually being saved. Categories should be formed to accommodate items such as names, email addresses, phone numbers and social security numbers. Because these personal items are very private, only specific people with the proper rights within the organization should be able to access them. These individuals will be identified based on the privacy rules issued by the company. Creating these rules is a key element of obtaining compliance. Additionally, if users request to see the data you have on file, the GDPR requires that this data be handed over to the consumer. In the same vein, companies must delete the data if requested by the user. Lastly, once all consumer data has been identified and accurately catalogued, a new level of protection for the data will need to be implemented. The GDPR requires companies to use three security techniques: encryption, pseudonymization and anonymization. The technique used for each consumer depends on that user’s right.

With this law being new to those in the States, we at SNI hope you find this information on the General Data Protection Regulation useful.

