How is your business preparing for the Global Data Protection Regulation (GDPR)?
In today’s marketplace, there are only two kinds of businesses: those ready for implementation of the GDPR – and those that think they are. Nearly one-third of companies reported being ready to comply with GDPR in a recent study by Veritas Technologies, but only 2% of them actually were.
If your business collects or retains personally identifiable information from citizens of any of the 28 European Union member states, you need to comply with the GDPR.
And there’s a lot to comply with: the GDPR, designed to strengthen data protection for citizens of the EU, outlines a number of requirements, including how personal data should be processed and stored, how consent should be obtained and how data breaches should be reported.
If your business isn’t ready for the world’s most sweeping data privacy regulation when it takes effect in May 2018, it had better be ready to face some hefty non-compliance fines. A business could be hit with a penalty as severe as having to pay the greater of $23M/€19M or 4% of global revenue.
Here are 5 steps to help your business prepare for GDPR compliance.
Involve every business unit
Connect with every department in your business to ensure all teams understand what GDPR is, how it could impact the ways they work and why compliance must be achieved. GDPR’s impact isn’t limited to IT only; it’s incumbent on company leaders to ensure there is organization-wide awareness of the scope of the regulations and the potentially significant penalties for violations.
Develop a plan
Develop an implementation plan and communicate what needs to be done by unit heads from an operational standpoint to ensure compliance, such as reviewing security controls and scheduling time with auditors to identify potential compliance gaps. The time to develop your plan is now. Some companies will wait until the last minute and then scramble to meet the deadline, potentially missing important gaps in GDPR compliance coverage in the process. This is a time-consuming process that can’t and shouldn’t be done at the eleventh hour.
Ensure your partners, vendors and other business associates are also taking the proper steps to adhere to GDPR policy and protect the personally identifiable information given to their companies. Ask them to provide proof of their GDPR compliance. If one of your vendors is out of compliance, that liability could extend to your company.
Make a list of shortcomings after reviewing security controls, meeting with auditors and connecting with vendors and partners. Develop plans to resolve them by directing resources to remedy issues.
Hire a Data Protection Officer (DPO)
Appoint a DPO to help prepare the company for GDPR compliance, guide it once the regulation takes effect and manage unforeseen hurdles and new provisions. For certain companies, including those that process or store large amounts of EU citizen data, a DPO isn’t optional; the GDPR mandates it.
Compliance with GDPR isn’t a choice; it’s mandatory if your business stores, manages or processes the personal data of EU citizens. The GDPR includes specific provisions, significant penalties and little room for misinterpretation. Take the right steps now to help ensure your company is positioned for GDPR compliance on time.
Sonian preserves, protects and presents the world’s information.
More than 28,000 customers in 43 countries trust Sonian’s secure proprietary platform to retain, retrieve and surface critical data and protect intellectual property.
Founded in 2007, Sonian is the only pure public cloud information archiving company, providing services that are easy, flexible, actionable and reliable for OEM partners and their end customers. Sonian allows companies to preserve, analyze and access their electronic communications for legal, regulatory and continuity purposes while gaining organizational insights.
Sonian is building the future and solving big data problems for companies, all while managing more than 20 billion objects in the cloud.