General Data Protection Regulation or GDPR has been all the rage lately. Should you be aware of it as well? It turns out you should.
GDPR strengthens and unifies data protection regulations for individuals within the European Union and is the result of four years of work by the EU to bring data protection legislation into line with new ways that data is now used. The EU also aims to give businesses a simpler, clearer legal environment in which to operate, making data protection law identical throughout the single market (the EU estimates this will save businesses a collective €2.3 billion a year).
The right to be erased (or erasure) is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data whether there is no compelling reason for its continued processing.
While the overwhelming majority of IT security professionals are aware of GDPR, just under half of them are preparing for its arrival, according to a survey of 170 cyber security staff by Imperva.
Just 43% are assessing GDPR's impact on their company and changing their practices to stay in step with data protection legislation, Imperva found. Despite this, nearly a third said they are not preparing for the incoming legislation, and 28% said they were ignorant of any preparations their company might be doing.
Starting from May 2018, all companies operating within the EU need to comply. Companies who fail to do so risk penalties ranging up to 20 million euro or 4% of their worldwide turnover in severe cases, depending on which of both numbers is higher.
These fines pose a big threat for many companies, since the impact of GDPR still isn't clear and - on top of that - legal and technological support to implement GDPR hasn't been sufficient up to now. Are you looking to prepare your organisation for GDPR? Look no further.
In cooperation with imec and KU Leuven, Leuven MindGate organizes a themesession on preparing for GDPR. In this themesession, we approach these GDPR challenges both from a legal and technical perspective. Speakers from both academia and industry will provide their insights.