#GDP… what? A deeper view on the most important change in data privacy regulation in 20 years
Time is running and Companies are on a rush to be compliant with the new European regulation in terms of data protection. Let’s have a deeper view on it.
The General Data Protection Regulation (we have already seen it here) is a new set of rules specifically designed to protect the web data of European citizens.
Introduced by the European Union, defining it as the “most important change in data privacy regulation in 20 years” (www.eugdpr.com), it will come into effect the 25th of May, 2018, as answer to an increased need for advanced protection for all those data we all constantly provide on the internet, in a period when malware (among others, Wannacry is an example) and cyber-attacks (like the one that affected Equifax) are constantly growing both in number and strength.
In the previous article, we saw the changes brought by this new regulation are various and regard both operational and organizational aspects:
- Users are to be allowed to request a copy of the personal data they provided;
- A new figure has to be introduced: the Data Protection Officer;
- If the controller/processor needs to move the collected data from a Country to another, it has to be defined even a Lead Supervisor Authority;
- Data breaches have to be reported within 72 hours from the moment they are discovered.
It is important to underline the GDPR has to be respected not only by European Companies, but even by all those extra-European Companies managing EU citizens' data.
As we said, there are still 7 months to set everything up to be compliant with this regulation, but not all European Companies are moving at the same speed: according to a Kaspersky Lab report, Italy, UK, Germany, France and Spain are the top 5 Countries in terms of being ready for the change, while Belgium, Portugal, Norway and Denmark have still a lot to do.
The fact is time is passing and many different things have to be done, but, in the world of Internet of Everything, protection cannot be ignored anymore.