Welcome,Guest
How does GDPR strengthen Data Security and why should you Care?
Posted by on in Uncategorized

The European Union (EU) rolled out the General Data Protection Regulation- (GDPR) on May 25, 2018, bringing stringent reforms in data protection policy for residents of the European Union (EU). The goal of the GDPR is to provide individuals with robust data rights so that they are aware of and have control over how companies are collecting, storing and processing their personal data.

Why the EU adopted the GDPR?

The EU had the 1995 data protection directive in place, but it was before social media existed and before the Internet became a second home for people. The EU adopted the GDPR in April 2016 to supersede the obsolete directive that failed to address today’s public concerns over data security and had negligible non-compliance fines.

What Key Changes the GDPR brings to Protect Privacy and Data Breaches ?

Increased Data Security via Pseudonymization and Anonymization

The GDPR aims at safeguarding individuals (formally called as data subjects in the GDPR) against cybercrimes, like data loss, theft and unauthorized access. Under the GDPR, data controllers and processors have a mandatory obligation to use pseudonymization or complete data anonymization for stored data of people in the EU, so that no unwanted person/organization can track your personally identifiable information.

Explicit Consent before Processing your Data

The GDPR requires all organizations, except law enforcement and national security agencies, to seek explicit consent before collecting and processing personal information of data subjects. As per the new data protection framework, silence, pre-ticked boxes or inactivity will no longer be acceptable to constitute consent. Besides, the language in the consent form has to be plain and intelligible. Data subjects are also enabled to withdraw consent at any time they want.

Right to Data Access and Data Portability

The new data protection law improves data transparency and empowers data subjects by providing the right to data access. Data subjects can ask companies what personal data they hold on them and whether or not that data has been processed. If yes, then where, for what purpose, how it was processed and who gets to see it.

Data controllers and processors are required to provide a detailed copy of the actual data with other details in a structured, commonly used and machine readable form. Data subjects also have the right to data portability, meaning they can transmit their personal data for free to another controller, wherever relevant, in a simple and plain language.

Breach Notification

In the event of a data breach that poses high risk to the rights of data subjects, data controllers are required to notify their supervisory authority and the data subjects about the data breach within 72 hours. The GDPR exempts data controllers from the breach disclosure requirement only if a data breach is unlikely to have a high risk to data rights. But, they are still required to document the data breach internally, so that they can produce it whenever their data protection authority (DPA) asks for it.

Extended GDPR Jurisdiction

Extra-territorial GDPR applicability is one of the biggest changes in the new data protection law. So, no matter your company is established inside or outside the EU, if your business collects and processes data of EU data subjects or monitors them, you have to be GDPR compliant.

Right to Data Erasure and Rectification

EU data subjects are also enabled to have their personal data completely erased when withdrawing consent for reasons, like data being obtained unlawfully or not being relevant or not being used for the original purpose. The GDPR also provides data subjects the right to get their incomplete or inaccurate personal data rectified.

Hefty Penalties for GDPR Compliance Violations

Under the GDPR, any business catering to EU residents will become a subject to supersized fines if it fails to show full compliance with the GDPR as of May 25, 2018. A GDPR breach can cost a company up to 4% of it annual global turnover or €20 Million, whichever is greater. Hefty penalties for non compliance are highly likely to deter businesses from not adhering to the GDPR requirements.

With the GDPR coming into force, we can assume that data privacy breaches, like the recent Facebook-Cambridge Analytica scandal, will not surface again, at least for the EU now. However, as with every policy, the GDPR is also not untouched by loopholes, which could still help unscrupulous companies to circumvent the GDPR. At this moment, we could only hope that the GDPR helps improve data security exactly the way it was intended for and eventually benefits the whole world, not just the EU.

Do you think that the GDPR has all that was required to stop privacy and data breaches? Do you foresee the GDPR spillover to the other parts of the world in near future? As always, your views are vital for us, please share them in the comment box below.


Last modified on
0

Comments

Product Engineering, software engineering company, Product Development, Product Migration, Product Re-engineering, Product Maintenance, Product Testing Commercial Application Development, Business Software development, commercial software for startups, Application Support and Maintenance, software testing Product Maintenance, Outsource product maintenance, product support and maintenance Product Migration, Product Re-engineering, product re-engineering services Product Research, Product Engineering, UI Prototyping Services Software Testing Services, Quality Assurance services, professional software testers, Load Testing, Functional Testing, Cross Platform, Browser Testing, Test Automation, Testing Tools, software quality analysis Functional Testing Services, software quality analysis, Software Testing Services, Application Testing Services, Functional Testing Types Automated Testing, Automated Testing Services, automation testing, test script development, Automation Test Tools, outsource automation testing Load Testing, Performance Testing Services, Load Testing Tools Offshore Software Development, Outsource software services, offshore outsourcing services, offshore software development services, IT outsourcing services, software quality assurance services, Offshore IT services, Custom Application Development Services, Offshore Product Engineering Benefits of IT Outsourcing, Offshore Software Development companies, offshore software development firms Outsource planning, IT outsourcing, IT development services, offshore IT companies, offshore software development Offshore Software Development, Outsource software services, offshore outsourcing services, offshore software development services, IT outsourcing services, software quality assurance services, Offshore IT services, Custom Application Development Services, Offshore Product Engineering Offshore Software Development, Outsource software services, offshore outsourcing services, offshore software development services, IT outsourcing services, software quality assurance services, Offshore IT services, Custom Application Development Services, Offshore Product Engineering