Skip to main content

General Data Protection Regulation - Why it Matters

Compliance with IT security and data privacy regulation is of growing concern to most European organizations. Businesses large and small are scrambling to assess their General Data Protection Regulation (GDPR) readiness, with less than a year to go until its implementation on 25 May, 2018.

GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The new framework demands a reassessment of the everyday operational structure for businesses that handle personal data in the EU.

The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established. Although the key principles of data privacy still hold true to the previous directive, many changes have been proposed to the regulatory policies.

Penalties for Non-Compliance

Organizations in breach of GDPR can be fined up to 4 percent of annual global revenue or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements -- i.e. not having sufficient customer consent to process data or violating the core of 'Privacy by Design' concepts.

There is a tiered approach to fines -- i.e. a company can be fined 2 percent for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors -- meaning 'clouds' will not be exempt from GDPR enforcement.

European IT Security Market Development

Canalys forecasts that this will spur the IT security market in Western and Central Eastern Europe to grow 16 percent to $11.5 billion in 2018. However, Canalys believes that there are significant differences in preparedness between companies of varied sizes.

"Our research shows that large businesses are well informed on information security regulations, with resources in place to ensure compliance. With ransomware threats such as WannaCry causing havoc, shareholders will be more willing to accept increased data security and compliance budgets to protect their long-term investment," said Nushin Vaiani, senior analyst at Canalys.

Small and medium businesses (SMBs) naturally have fewer resources, placing obvious constraints on implementation. But there are potentially massive fines for non-compliance with GDPR, potetially putting some SMBs under the threat of bankruptcy.

According to the Canalys assessment, all businesses must take action now to safeguard from this danger. Overall, the net effect on SMBs will be significant and many are turning to their existing relationships with IT channel partners for help.

Canalys expects this trend to accelerate in the coming weeks and months, as SMBs realize they have little time left to implement changes if they are to meet the May 2018 deadline.

Popular posts from this blog

Digital Transformation Spending Reaches $1.8 Trillion

Ongoing investment in business technology will remain on track, despite concerns about the global economic outlook which continues to evolve in 2022. Enterprise CIOs and CTOs are focused on operational profitability and digital business growth goals that are enabled by strategic IT initiatives. Global spending on the Digital Transformation (DX) of business practices, products, and organizations is forecast to reach $1.8 trillion in 2022 -- that's an increase of 17.6 percent over 2021, according to the latest market study by International Data Corporation (IDC). Many anticipated DX investments will sustain this pace of growth throughout the 2021-2025 forecast period, with a five-year compound annual growth rate (CAGR) of 16.6 percent. Digital Transformation Global Market Development "IDC expects to see aggressive DX technology investment growth in 2022 following a minor slowdown during the pandemic period," said Craig Simpson, senior research manager at IDC . "As orga

Flexible Working: Why Company Culture Matters

The main reasons for the Great Resignation are obsolete leadership, fearful middle managers, and a toxic culture that hinders employee engagement. Perhaps that's why some organizations are still struggling with the consideration and development of a flexible working model.  They're incapable of evolving to a more enlightened approach to work where employees are treated with respect. They're stuck in a bygone era of the 20th-century industrial revolution where 'shareholder value' tops all other values, and where spreadsheets and financial data analysis drives all key decision making. We should not be surprised that 76 percent of human resource (HR) leaders now feel that hybrid work challenges an employee's connection to organizational culture, according to a recent survey by Gartner. A 2022 poll of HR leaders reveals the most challenging aspect of setting their hybrid strategy is adjusting the current organizational culture to support a hybrid workforce. In fact,

Energy Sector IoT Cybersecurity Gains Momentum

The electric distribution industry continues to invest in digital transformation projects. Advanced Metering Infrastructure (AMI) technology is becoming a driver for connected electricity meters, which will reach an installed base of 1.3 billion by 2027. AMI growth is prompting utilities and energy suppliers to revisit their IT infrastructure security and device management operations, according to the latest worldwide market study by ABI Research. Energy Infrastructure Security Market Development Digitization of traditional electricity grids and the modernization of the aging energy infrastructure is among the top concerns for utility operators and governments worldwide. Security for last-mile energy consumption applications was frequently overlooked. "However, the introduction of AMI, smart metering, and grid digitization is steadily increasing spending for secure management services, assisting implementers to transition to IT (information technologies) and OT (operational techno