May 25 is an important deadline for many businesses, and it’s coming up fast.
The deadline has to do with the General Data Protection Regulation (GDPR), and numerous U.S. businesses have been working hard to become compliant to avoid stiff penalties. Although larger companies that routinely deal with an individual’s personal information are aware of and working on changes to adhere to the new rules, small businesses might not realize that the new guidelines could affect them, too.
With the countless stories circulating in the news about the loss of personal data and identity theft, people are now more aware that they need to protect themselves. Many are demanding stricter consumer protection placed on everything from social media platforms to online banking and shopping and more. People want a say in how their personal information is used and they want a way to remove their information from businesses that they no longer use.
What Is GDPR?
The GDPR replaces an older European Union (EU) Data Protection directive, which regulated companies based primarily in the EU. The new rules are designed to give EU member citizens and residents better data privacy and security protection and to allow them more control over how businesses gather, use, store and even destroy their personal information.
This major change to established data protection rules is the largest in the last 20 years. As the new directions take effect on May 25, many U.S. companies are scrambling to make sure all software and processes are compliant by then.
Specifics of the following key changes are outlined on the EU GDPR website:
- Increased territorial scope
- Penalties and consent
- Breach notification
- Right to access
- Right to be forgotten
- Data portability
- Privacy by design
- Data protection officers
Why Should You Become Compliant?
GDPR compliance can affect more than just members of the EU. If your business refers to EU customers in copy or processes any of their personal data – or even if your customers’ customers serve members of the EU – then you could be subject to the new protocols. The regulations can apply even if there is no financial transaction; this is not, as many think, just a banking issue.
Another important fact is that the rules also apply to the “Cloud” – both controllers and processors must follow the regulations.
Penalties are large and can wreak havoc on small businesses. Serious infractions can result in a maximum fine of “up to 4% of annual global turnover or 20 Million pounds (whichever is greater)”. Fines are tiered depending on the violation, but for companies that operate on a small budget, they could be devastating.
If you need help in understanding the new rules, the EU GDPR website provides a wealth of information and is a good place to start.
There is no need to panic if you wonder whether your business could be affected by GDPR. Although you may need to change a few processes and add layers of protection to the way you handle personal data, an IT Managed Services Provider (MSP) can help.
The professionals at TeamLogic IT are fully aware of the scope and impacts of these new regulations and can both provide guidance and implement changes to your systems so your business can become fully compliant and continue to run without interruption.
Since 2007, TeamLogic IT has become the 36th largest IT service provider globally. Our success is driven through one core mission - to leverage technology for our customers. Thousands of businesses across the US - just like yours here in Wilmington, NC - are taking advantage of our ability to deliver highly available, secure and flexible IT systems. At TeamLogic IT, our philosophy is simple - we work with you the way we'd want someone to work with us. Visit us today in the Port City at 2901 North Kerr Ave., 910-500-1392. If email works best for you, contact me personally at [email protected].