New Year – new data compliance.
As analytics and big data continue to gain acceptance in the enterprise, governments are catching on and developing regulations to curtail abuse and monitor responses to data breaches. In particular, organizations doing business in Europe will need to comply with the General Data Protection Regulation (GDPR), set to go into effect in May of this year. The regulation stands to affect those who own data on EU citizens and have a certain number of employees in their organization.
You can explore the GDPR for yourself, here.
Specifically, this policy will:
- Require reporting of data breaches: Organizations are required to inform customers, through the proper monitoring, reporting, and investigation tools, whether a data breach will result in discrimination, damage to reputation, financial loss, or loss of confidentiality. The GDPR regulations state that organizations will pay 2% of global turnover or $11 million, whichever figure is higher, in addition to the already hefty costs of a data breach.
- Require accurate information sharing with other organizations
- Communicate Privacy Information: Organizations will need to communicate their lawful basis for having European citizen data, their data retention period, and a complaint hotline for improper data handling. Additionally, end-users will have rights around the accuracy, deletion, portability, and promotional use of their data.
- Require organizations to quickly respond to data requests
- Require consent for data tracking: That is, pre-ticked checkboxes on sign-up are no longer allowed.
- Require data protection for children under the age of 16
Organizations are already investing millions of dollars into this initiative, creating the necessary protocols and hiring the right leaders to avoid penalties.
Is your organization struggling to figure out its data strategy? Contact us today at www.perficient.com for a conversation with one of our specialists.