Contracting Excellence Journal


Now that the General Data Protection Regulation (GDPR) has become mandatory (effective 25 May 2018), what did your organization go through to satisfy the new law? 

Are you now compliant and free to move on – no more worries?  Or are you still struggling?

As we all know, data protection laws have been enacted since the 1970s to protect personal privacy, specifically by prohibiting the disclosure or misuse of information about businesses and private individuals. But as time progressed, data protection became more complex, challenging and difficult to enforce successfully. Serious breaches escalated, especially with advances in online technologies and in data storage and its use (or misuse) via the internet.

In response, the European Union (EU) adopted the GDPR in 2016. It applies to private and public sector businesses -- including nonprofits or “not for profit” organizations -- located in the EU. In addition, most organizations outside the EU must now comply if they are doing business within the EU.

GDPR is viewed by many as the most intimidating regulation yet.  The biggest worry is severe penalties imposed on businesses for failing to protect customer and organizational data.  A data breach could result in a fine of €20 million (20 million Euros or in US dollars, $23,921.00 current estimate) or 4% of annual turnover, whichever is highest.1

One research report states: 2017 has been a tumultuous year for security breaches. The May 2017 global cyberattacks on many prominent organizations -- like the delivery juggernaut FedEx -- have been an urgent wake-up call to information management professionals. More than ever, businesses and enterprises must be vigilant to prevent becoming another statistic in the next major security breach.

“By 2020, it’s estimated the volume of data produced by humans and machines will grow by at least 50 percent. Machine-produced data is projected to grow 50 times faster than traditional data. The penalties for not meeting compliance standards and the increase in employee mobility also raise the question:

How can organizations protect themselves? Many articles provide helpful advice; two might be a good place to start.2

Myths about GDPR

It might also help to expose the myths – incorrect assumptions many have made -- such as these:

  • The GDPR does not apply to businesses outside the European Union (EU).  It only applies to companies in the EU. (We are not a European organization and do not have to worry about GDPR compliance – and no way can fines be imposed on us.)
  • We have only 4 employees and therefore do not have to worry about GDPR compliance.  Or… we have fewer than 250 employees so GDPR does not apply to us.
  • All personal data is the same.
  • GDPR does not apply to data collected. The personal data already contained in our database is not subject to the GDPR.
  • It’s your cloud service provider’s job to make sure your data is compliant. (The data is stored by my cloud provider, so GDPR is their problem.)
  • Every company has to appoint a Data Protection Officer. 
  • Fines are the biggest threat to your business.
  • All security incidents must be reported within 72 hours.
  • All data must be encrypted to be in compliance with the GDPR.
  • We are a nonprofit organization and therefore are exempt from GDPR compliance.  We do not undertake a profit-related activity.
  • When relying on consent to process personal data, consent must be explicit. 
  • GDPR is all about encryption, pseudonymization and privacy enhancing tools.

OTHER COMPREHENSIVE REFERENCES

If you still need some basic explanations of GDPR, here are more helpful references:

END NOTES
