1 Year Since GDPR: The Top 5 Points to Know

It's been a year since the GDPR, or General Data Protection Regulation, went into effect, and the privacy of EU residents' personal data is as important as ever. Missed the news? We've put together a quick recap of the top 5 points you should be aware of so that you can be sure that you and your business are complying appropriately.

  1. The purpose of the GDPR is to bring all states within the EU to the same high level of data protection. The GDPR served as a way to standardize this protection, as well as to increase the amount of protection EU residents could expect and demand.

  2. The data being held to these strict privacy standards is any type of information that could be used to identify a person. This can be a name, a social media post or photo, an address, a computer IP address, and more.

  3. If your business doesn’t comply, you’re looking at hefty fines. The highest end of these fines can be 4% of your annual global turnover or €20 million—whichever is greater. That’s no laughing matter, so ensuring that you have client consent before collecting data from them is critical.

  4. Consent for obtaining this personal data has firm parameters. The request must be communicated in an easy-to-understand form—no long-winded legal jargon. The request must also outline why this information is being collected and what it will be used for.

  5. The GDPR aims to establish a system that continuously maintains confidentiality, gives users the ability to see who has their data and how they’re using it, and allows people’s data consent to be revoked at any point they decide. If for some reason their data has been breached, it requires them to be notified within 72 hours.

Have more questions about GDPR? We personally found this guide to be quite comprehensive. The GDPR also has its own site devoted to hosting information about the complicated subject. If you haven’t already, we suggest investing the time to ensure that your current data collection practices are compliant with the GDPR, and seeking official legal counsel for any scenario-specific questions you may have. The more prepared and careful you are with your data collection practices, the less you have to worry about violating the regulations and getting your company into an expensive mess.

INNOVEX