General Data Protection Regulation (GDPR) Compliance
The General Data Protection Regulation (GDPR) is a European Union law, but it's going to impact businesses beyond the EU. Basically, any business that collects and processes personal data of EU individuals will need to achieve GDPR compliance by deadline day, May 25th, 2018.
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.
CyberSecop offers GDPR solutions to help you identify gaps in the information security measures necessary for GDPR compliance, get ready for the GDPR, as well as monitoring, detectect, and respond to threats in compliant to GDPR or other security frameworks.
What is the GDPR?
The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU.
Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU. Specific criteria for companies required to comply are:
- A presence in an EU country.
- No presence in the EU, but it processes personal data of European residents.
- More than 250 employees.
- Fewer than 250 employees but its data-processing impacts the rights and freedoms of data subjects, is not occasional, or includes certain types of sensitive personal data. That effectively means almost all companies. Survey showed that 92 percent of U.S. companies consider GDPR a top data protection priority.
GDPR, Identity & Cybersecurity
- What are the privacy & security requirements for being GDPR compliant? -
- Why we should think beyond GDPR when it comes to improving data security?
- Are you compliant / ready when GDPR goes into effect next month?
- What are some last-minute items to complete before the GDPR deadline?