Top Tips for EU data security legislation
Top tips for ensuring compliance in 2015
Major changes to EU data security legislation are coming. Yet, despite the threat of heavily increased fines, many businesses risk being unprepared when the legislation hits. Businesses deemed to be in violation of the General Data Protection Legislation (GDPR) could face fines of up to €100m (£780,000 or US$1,218,895) or five percent of their annual worldwide turnover. Here's a quick look at what can be done now, by both companies and their cloud service providers, in readiness for compliance with the new laws.
An important amendment aims to standardise data security regulations across all 28 EU member states. Once the law has passed, data breaches must be reported to regional officers within 24 hours, and organisations will be subject to audits to ensure that they are indeed compliant. Those organisations with more than 250 employees are likely to be required to appoint a dedicated Data Protection Officer.
Neil Cross is the managing director at Advanced 365, a company that provides IT managed services including security and data management. It has been working to build a compliant environment to support the new regulations ever since the framework for them emerged. Cross suggests that the new rules also bring an opportunity to take stock of existing data and look at how this can further drive business intelligence. But he also warns: “For many businesses, outsourcing data hosting will be the most practical and cost-effective means of achieving compliance; however, CIOs and their teams must ensure that potential suppliers are themselves fully compliant with the new regulations. Organisations which suffer data breaches caused by negligent cloud service providers will share liability with them. Due diligence has never been so important.”