Get Ready for The New General Data Protection Regulation (GDPR) Law - The Tek > Blogs


Sign up for our Newsletter


Get Ready for The New General Data Protection Regulation (GDPR) Law

Security | 0 Comments | | Return |

Get Ready for The New
General Data Protection Regulation (GDPR) Law

- by:  Rick Miller

     GDPRA new law enacted by the European Union known as the General Data Protection Regulation or (GDPR), is set to go into effect on May 2018. The law is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

     It has far reaching effects on how companies collect, protect, and utilize data around the globe. For U.S. based companies there are several key issues to keep in mind. Remember this law extends beyond the E.U., so U.S. firms collecting and processing private data that involves E.U. citizens are liable under the new law. Because the law extends beyond the E.U., it is the first global data protection law.

     The first thing to understand about the law is that it expands the definition of personal data. The GDPR defines personal data as, “any data that can be used to identify an individual. That includes genetic, mental, cultural, economic or social information.”

      Another stipulation of the GDPR is that organizations must get clear consent to process collected data. Organizations must explain what personal data they are collecting and how it will be processed and used. They must also ensure that if a breach occurs it is reported to appropriate authorities within 72 hours.

     Since the EU law extends globally it is important that U.S. companies prepare now. If businesses do not prepare for the law they could find themselves being fined. The fines are considerable reaching up to 4% of their global annual turnover.

     In her blog GDPR for Dummies, Kate Bordwell, takes the very complex rules of the law and turns it into a practical and simple theme. She says the rules can be seen as following six themes.

  1. Know what you have, and why you have it.
  2. Manage data in a structured way.
  3. Know who is responsible for it.
  4. Encrypt what you wouldn’t want disclosed.
  5. Design a security aware culture.
  6. Be prepared... Expect the best but prepare for the worst.

     There a few key points to consider when thinking about the ramifications of the GDPR. If your company has a website and you are collecting cookies it is possible that you are collecting and processing Personally Identifiable Information. (PII) Under GDPR you will need to apply the six themes above to that data. It is also key to make sure in the process of collecting and processing data that you document the journey of the data. Consider making data maps as part of your data organization plan.

Document Document Document!
However, you decide to organize, process, and store your data it is imperative that you document your processes. Documentation will be critical should you encounter a breach.

     While many see the new law as a nuisance, it has far reaching implications when it comes to the protection of consumer data. If we see the law as an opportunity to improve the security of our client’s data then we have started to create a culture of security within our organizations. In the end the overall purpose of the law is to provide global protection for consumers. If as a result we begin to create a culture of security we all win.


Tek Tip - All emails are guilty until otherwise proven innocent

One of the easiest ways to get a virus is by opening an attachment that you weren't expecting.&n...

Read More >

Virtual Desktops Install for Cook Wealth Management

Brief DescriptionVirtual Desktops have been around for a few years but just recently the technology ...

Read More >

Tek Tip - Having problems Updating your WordPress Plugins?

In some cases, you are not able to update/upgrade your WordPress and WordPress Plugins to a new...

Read More >

Cybersecurity and the Ostrich Effect

If you can’t see it, it doesn’t exist, right? When an ostrich senses danger he buries hi...

Read More >

Tek Tip - Windows Easy Transfer Replacement for Windows 10

Windows 8.1 had a great little utility to move information from an older computer running Windows XP...

Read More >

Why Your Business Needs a Strong Cyber Defense Strategy

There are new developments on the cyber-attack front every day. New forms of social engineering, mal...

Read More >
You need to login in order to comment