31 July 2017
The GDPR goes into effect on 25 May 2018 and will affect every organization, anywhere in the world, that collects, processes or retains any “personally identifiable information, or PII” of European Union citizens. Recent news on GDPR:
Following the United Kingdom’s (UK) exit from the EU on 29 March 2019, the GDPR will no longer apply to UK processing activities relating to UK individual. Therefore, the UK government will need to enact domestic data privacy legislation to replace the GDPR.
This article by Russell Crampin covers the need to build information security into a “network hive” to meet GDPR requirements as well as enable work to be done as efficiently as possible. It discusses current challenges such as data growth from IoT, reputational risk through social media, and the possibilities of fraud in multichannel business models.
The task of processing requests from data subjects to delete their data, or to provide it for inspection, is exceedingly difficult given the data may be stored in multiple legacy systems, on-premise or in multiple clouds. This article proposes the creation of a master customer data environment, containing a “single source of truth”.
How will the new legislation impact BYOD (bring your own device), COPE (corporate-owned, personally-enabled), and corporate liability strategies? What will be the impact on securing mobile devices and handling user’s data? How will GDPR impact consent to use data, data ownership and the proliferation of data in the IoT?
New research from Calligo in the form of a survey of 500 IT decision-makers in companies with more than 100 employees and £15 million turnover, examined how businesses are preparing for the new regulation. Just 9% said their compliance departments were giving them full support. “Too many of those at the top think it is all about security, when that is only a part of it.”
More than eight out of 10 retailers consider themselves vulnerable to data threats, and 37% say they are “very” or “extremely” vulnerable, according to the 2017 Thales data threat report, retail edition.
Social media companies are the least-trusted organisations in the UK, when it comes to data protection, according to research by SAS. With that in mind, over a third of UK consumers (39%) are planning to remove their personal data from social media, once new data laws coming into play in 2018.
Rich Vining is a Sr. Product Marketing Manager for Data Protection and Governance Solutions at Hitachi Data Systems and has been publishing his thoughts on data storage and data management since the mid-1990s. The contents of this blog are his own.