By Sungard AS
The General Data Protection Regulation (GDPR) is likely to impact smaller companies as a recent study shows that 82%1 of SMEs are unaware of the new legislation and will potentially be hit with large fines when it starts being enforced next year.
The GDPR will replace all the existing data protection laws across Europe and shape the way in which companies handle, protect and profit from data. All businesses and not-for-profit organizations that process personal data concerning employees, customers or prospects who are in the EU and/or are EU citizens fall within its scope, wherever in the world the company is based and even if the data is processed outside the EU.
In other words, European data protection law will now apply worldwide, and businesses have until 25 May 2018 to prepare. IT Consultants from Sungard Availability Services (Sungard AS) can help you make a smooth transition into GDPR compliance. With Sungard AS at your side, you can reduce potential risks with a comprehensive GDPR approach and avoid fines, which can equal as much as 2-4 percent of your global revenue.
Through the GDPR, the EU recognises:
It is by attaching rights to an individual's data separately to the right attached to an individual, that the EU can demand EU-grade data protection standards on businesses in other countries. The onus is on businesses to determine if they are in scope. Consider three simple questions:
If you answered yes to any of the three questions, it is most likely that your organization is in scope of the GDPR. Unless you are confident your existing data handling procedures are already compliant with the regulation, this means action needs to be taken now to prepare for the May 2018 deadline.
There has been a lot of noise in the IT press about swingeing fines and GDPR is frequently portrayed as the new corporate bogeyman. It has to be said these fears are not without foundation: a two-tier sanctions regime will apply and breaches of the law could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is the greater, being levied by data watchdogs2.
However, scaremongering is not a constructive approach. The good news is that correct implementation of the GDPR will not only ensure compliance and mitigate the risk of fines but, more importantly, will give compliant businesses a competitive advantage. That's why Sungard AS advocates that organizations consider GDPR a central plank of business strategy that has high visibility with the Board.
Our consultants can help you initiate a GDPR compliance programme, develop the business case and establish a plan of action to gain competitive advantage by achieving cyber resiliency and regulatory compliance. To find out more, please contact us.
1 Survey of 821 IT and business professionals responsible for data privacy across the US, Canada, Asia Pacific (Australia, Hong Kong, Singapore, India), UK, Germany, Sweden, Belgium, The Netherlands, France, Italy, Spain and Poland conducted by Dimensional Research on behalf of Dell