We live in times where information plays a major role. Every business wants to generate a return on investment (ROI), and that requires gathering data to make intelligent decisions, be it a name, email, address, etc. However, in today’s world, more data is being collected, such as a person's hobbies and interests. The intention behind collecting such information is to make smart, data-backed decisions and lower the probability of failure in any venture.
Governments of different nations play a role in keeping a close eye on things to ensure that their citizens are safe. However, the age of information has seen unprecedented growth in the past couple of decades, and different nations are still trying to figure out how to keep things in order. With the same thought process, the European Union came up with the General Data Protection Regulation (GDPR). With the regulation set to become effective by May 25, 2018, businesses are already making changes to comply with GDPR policies.
This is the first time since the 90s that major changes in the policy are coming into effect. However, many business owners are not aware of the changes they need to make to stay on the safe side. In this blog post, we have compiled a list of points to give the reader an overview of GDPR. Without further ado, let’s jump right into it.
Under GDPR, it becomes mandatory for large organizations to hire Data Protection Officers (DPOs). The DPO will ensure compliance with the policies of GDPR and take the necessary actions if his/her organization is not complying.
Breaking the News
As per GDPR, it is mandatory for organizations to share the news of a security breach with the relevant authorities. The news about such an event is to be shared within 72 hours.
Everything about Data
Businesses and organizations have to disclose what information they are collecting as well as why they are collecting it. Finally, they may also have to disclose with whom they are sharing the data. Furthermore, a user can ask an organization what information it holds on him/her.
Businesses that are found not to be in compliance with GDPR may face heavy fines. For instance, an organization like Google, if found guilty, may have to pay a fine of 4% of total annual revenue or 20 million USD, whichever is higher.
Finally, as 2018 unfolds, we may see a few organizations pay for not adhering to the policies of GDPR. However, whatever the case may be, most experts believe that data is the new gold, which must be protected at all costs to ensure privacy.