The Story of GDPR: Why it’s important

GDPR

GDPR are the four letters dominating the industry’s social media and with good reason. We all know GDPR will be live and in full regulation by the 25th May 2018, but understanding why it’s here and what needs to be done isn’t always clear.

That’s why over the next few months leading up to the 25th May we’re going to be talking about the facts, the figures and the reasons why GDPR has come in to play. First up let’s look at the background, why is GDPR being introduced and who will it affect.

So why introduce GDPR?

Personal data has become a hot topic in today’s day and age, especially with the increasing number of identity thefts and hoax phone calls. The general public want to have more say over their information, how it is used and who stores what details on them. GDPR has come in to play to do just that – give more control to the individual.

What constitutes personal data?

 Personal data is anything that is linked to an individual that indicates, refers to, or could be used to identify them. So, in essence anything from, about or related to a person. This includes a name, postal address, email address, date of birth, bank details, photographs, social media posts, medical information, IP address and so on. This is information that most, if not all organizations hold about their customers, and as it is usually held under one unified individual customer number it is linked and therefore can be related back to identify that person.

Who will be affected by GDPR?

It’s often thought that because GDPR is an EU regulation that it won’t affect organizations outside of the EU. The reality is it will have a huge impact across the globe, due to the nature of today’s global trading style.

The regulation applies to all companies and organizations processing or holding personal data of any EU resident, regardless of where that company trades. An interesting point to note here is that the UK is facing the likelihood of BREXIT, this doesn’t change anything with the affects of GDPR as the companies within the UK will still be trading with the EU and hold data of individuals within the EU.

So, the top and bottom of it is that GDPR is likely to affect almost everyone, especially if the company trades within or with the EU.

What are the implications of being uncompliant?

Failure to comply can result in very hefty fines, much bigger than the amount we have seen in the past. Failure to comply with GDPR from the 25th May 2018 could result in potential fines of up to £20 million or 4% of your company’s annual global turnover.

These fines are high for a reason, the regulators feel that over the past 20 years data protection hasn’t been taken as seriously as it should have been, so by introducing these fines it should make everyone realise the importance of keeping data secure and give the public confidence that their data is safe.

How can Assured DP help you?

There are many different elements to GDPR that can be difficult with the traditional data storage and backup solutions. For example, in GDPR an individual has the right to be ‘forgotten’, meaning the organization must delete all records they have on that person. This is a difficult task if older information is held on tape media. Rubrik indexes all data, including archived cloud data, using meta tags that can be retrieved using the simple Google like search tool.

The Rubrik solution was developed to make data protection and backup more in line with the modern world that we now live in. We expect everything instantly and why should data management be any different? It incorporates the latest tools and software that makes the traditional solution look and feel old fashioned, slow and complicated. With Rubrik all backup, recovery and archive tasks are contolled through a central interface wherever the data resides, be it on premise or in the cloud.

There are many ways in which Assured DP can help GDPR feel easier and achievable. In the next few months until the launch of GDPR we will be writing blogs and posting on social media to keep you informed about how you can be ready for the 25th May, what you need to have in place and the key facts. It’s important to remember that from the 25thMay the regulators will be able to ask any question on the new regulation and as an organization you will need to be ready to answer those questions, so stay tuned to our social channels and read the blogs to keep you up to date with the latest news.