Preparing for GDPR compliance: Where you need to be now and how to get there
In an industry steaming of buzzwords, GDPR ticks every box. Acronym? Check. Experts galore? Check. Filling marketing banner at trade shows? Definitely check. Behind the noise, hype, and misunderstanding is a substantial piece of legislation that will change how organizations operating in Europe approach data protection.
Set to come into full effect on May 25, 2018, GDPR marks a significant update on the existing 1995 EU directive (95/46/c). It also harmonizes data protection across 28 EU member states, replacing the need for national legislation. The headlines are naturally around data breach fines of up to €20 million (or 4 percent of gross annual turnover), as well as mandatory security notifications, new rules around user consent, a clearer definition around what could be personal data (such as IP addresses, for example), and greater rights for people to access — or request deletion of — the information companies hold on them.