If you’re a business which operates within the digital market, chances are you’ve heard of something called GDPR. However, you might not know what this means for you and your business. As your Microsoft Gold partner, we’re here to explain the many changes brought about through GDPR which may affect you, as well as how you can ensure that you remain GDPR compliant. Join us as we explore and break down the EU’s latest data management legislation.
What is GDPR?
Straight away, it’s important to make clear that any business which handles users’ data MUST comply with the new rules under the General Data Protection Regulation (GDPR). So if you, like us, are a company which regularly manages customers’ data and information, these changes will mean a lot to you. GDPR is a new law created by the EU which will replace our existing Data Protection Act (DPA), which was created in 1998. Under the DPA, companies holding users’ data were granted the ability to request a fee of up to £10 from customers asking for access to their personal data held by the company. However, these laws are regarded as out of date and are set to be replaced by GDPR.
What will GDPR change?
The central focus of GDPR is to make your data safer online, whilst ensuring those responsible for its use and safekeeping are held responsible should anything happen to your information. Users are also to be granted more control over their information under GDPR, with the introduction of new consent standards in the form of the double opt-in, which will mean companies will not be able to send emails to you without your express consent. GDPR will also give users greater power to access their information, granting you the ability to request what personal data of yours is being held by any company.
But how will this be enforced?
You’re probably thinking that these changes sound good on paper, but wondering how they will be enforced. The answer is the huge new fines which companies could face should they fail to follow the new GDPR regulations. A company found to be in gross or repeated violation of the new GDPR rules could face fines of more than EUR 20-40 million or 2%/4% of total global income. Smaller fines will be imposed for more minor infractions, but these penalties aren’t something companies should ignore.
When will these changes happen?
GDPR will become legally enforceable from the 25th May 2018. However, many companies, including Microsoft and ourselves, are already ensuring we’re GDPR compliant in preparation for the regulation’s passing into law next year.
Want more information about GDPR? Take a look at the rest of our dedicated content on our website's Insight page for a range of regularly uploaded blogs.