Data Privacy and GDPR

Posted by Timothy Platt on Jul 22, 2017


GDPR and Data Privacy

The GDPR is coming! What’s the GDPR? It’s the General Data Protection Regulation. It is a tough new standard for data privacy – protection for personal data such as citizen names, email addresses, home addresses, etc. It’s a new regulation that attempts to unify and strengthen personal data protection for all individuals within the European Union (EU). Just because your business is US based doesn’t mean it won’t apply – because it also addresses the export of data outside of the EU. Further, it’s intended to protect and empower the data privacy of all EU citizens. That’s a sizable number of countries and people. And lastly, it’s expected to bring a major shift in the way organizations handle private data. Expect ripple effects and requirements for improved data privacy in the US. And shouldn’t we be doing a better job at that regardless?

How does the GDPR impact businesses?

There’s 3 key entities defined by the GDPR: the data controller (the organization that collects data from EU residents), the processor (organization that processes data on behalf of data controller such as cloud service providers), and lastly, the data subject (person). The data subject is any person located within the EU. Take a look at that last item again – the GDPR will apply to your business if you are collecting private data on EU citizens, even if your company is US based.

The immediate ramification is that if you currently do business, or wish to do business with EU consumers, you’ll need to meet the requirements of this regulation. If you don’t, you could be subject to audits and fines.

But secondly, we expect that this tough new level of data privacy will have ripple effects on the US: EU based companies with high data privacy standards will have a competitive advantage over US companies, and given the comparatively lax state of data privacy in the US, you can expect additional requirements to come in the future through various channels.

But lastly, don’t we owe consumers a higher level of data privacy than what is common practice now? Breaches of information are numerous and have long term impacts. Handling data privacy in a thorough fashion can be a competitive advantage for your business, and can minimize the damage and embarrassment when data breaches do occur.

Better data privacy is better for business.

What’s considered personal data?

The GDPR scope is very broad, including:

What does the GDPR require?

The WikiPedia page on GDPR has a great summary, and a very easy to navigate version of the complete GDPR can be found here. There are 160 regulations that cover how to properly collect, use, and store private data. The high level points are described below.
European Union (EU) Map
Rights for citizens:

Additional requirements on companies:

One last point, private data that is encrypted is still considered to be private data. The protections needed for private data go far beyond encryption. Encryption is just the start.

When does GDPR take effect?

While the regulation was adopted in April 2016, a transition period is underway (from the previous data protection directive), and the GDPR will be fully enforceable in May 25, 2018.

Next Steps on Data Privacy

There’s a lot to consider regarding the GDPR. Does it impact your company now? How about in the future? The first step is to understand the full impact and implement a prioritized plan to meet the requirements. Maybe GDPR doesn’t apply to your small business, but you want to protect your consumer data thoroughly regardless. That’s where we can help. Contact us now with your data privacy concerns and questions. We can advise, plan, and assist to ensure you can meet your data privacy goals. Please reach out if we can be of help to your company.

Contact VO for Data Privacy help now

The Orlando IT Company that Cares About Your Small Business

Virtual Operations is the Orlando IT company that cares about your small business. The business consultant you choose can make all the difference. Our Managed IT Service offering provides the expertise and proactive care required to ensure your technology works for you. We are Orlando’s best small business consultants, and that is the advantage that Virtual Operations provides.

EU globe map provided by S. Solberg J., CC BY 3.0, Link


Like To Learn More? Send Us A Message or call direct 407.268.6626

Back to Blog

Sign up for free and be the first to know about updates

Subscribe to Email Updates

It appears you are viewing this site through an obsolete web browser.

This site was built to comply with modern web standards and relies on features unavailable in browsers that are out of date.

You can learn more about your browser here. And you can learn more about modern web browsers here.

To hide this notice, click here.