Skip to main content

General Data Protection Regulation - Why it Matters

Compliance with IT security and data privacy regulation is of growing concern to most European organizations. Businesses large and small are scrambling to assess their General Data Protection Regulation (GDPR) readiness, with less than a year to go until its implementation on 25 May, 2018.

GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The new framework demands a reassessment of the everyday operational structure for businesses that handle personal data in the EU.

The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established. Although the key principles of data privacy still hold true to the previous directive, many changes have been proposed to the regulatory policies.

Penalties for Non-Compliance

Organizations in breach of GDPR can be fined up to 4 percent of annual global revenue or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements -- i.e. not having sufficient customer consent to process data or violating the core of 'Privacy by Design' concepts.

There is a tiered approach to fines -- i.e. a company can be fined 2 percent for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors -- meaning 'clouds' will not be exempt from GDPR enforcement.

European IT Security Market Development

Canalys forecasts that this will spur the IT security market in Western and Central Eastern Europe to grow 16 percent to $11.5 billion in 2018. However, Canalys believes that there are significant differences in preparedness between companies of varied sizes.

"Our research shows that large businesses are well informed on information security regulations, with resources in place to ensure compliance. With ransomware threats such as WannaCry causing havoc, shareholders will be more willing to accept increased data security and compliance budgets to protect their long-term investment," said Nushin Vaiani, senior analyst at Canalys.

Small and medium businesses (SMBs) naturally have fewer resources, placing obvious constraints on implementation. But there are potentially massive fines for non-compliance with GDPR, potetially putting some SMBs under the threat of bankruptcy.

According to the Canalys assessment, all businesses must take action now to safeguard from this danger. Overall, the net effect on SMBs will be significant and many are turning to their existing relationships with IT channel partners for help.

Canalys expects this trend to accelerate in the coming weeks and months, as SMBs realize they have little time left to implement changes if they are to meet the May 2018 deadline.

Popular posts from this blog

Software-Defined Infrastructure: The Platform of Choice

As more organizations adapt to a hybrid working model for their distributed workforce, enterprise CIOs and CTOs are tasked with delivering new productivity-enabling applications, while also seeking ways to effectively reduce IT cost, complexity, and risk. Traditional IT hardware infrastructure is evolving to more software-based solutions. The worldwide software-defined infrastructure (SDI) combined software market reached $12.17 billion during 2020 -- that's an increase of 5 percent over 2019, according to the latest market study by International Data Corporation (IDC). The market grew faster than other core IT technologies. The three technology pillars within the SDI market are: software-defined compute (53 percent of market value), software-defined storage controller (36 percent), and software-defined networking (11 percent). "Software-defined infrastructure solutions have long been popular for companies looking to eliminate cost, complexity, and risk within their data cente

Digital Identity Verification Market to Reach $16.7B

As more enterprise organizations embrace the ongoing transition to digital business transformation, CIOs and CTOs are adopting new technologies that enable the secure identification of individuals within their key stakeholder communities. A "digital identity" is a unique representation of a person. It enables individuals to prove their physical identity during transactions. Moreover, a digital identity is a set of validated digital attributes and credentials for online interactions -- similar to a person's identity within the physical world. Individuals can use a 'digital ID' to be verified through an authorized digital channel. Usually issued or regulated by a national ID scheme, a digital identity serves to identify a unique person online or offline. Digital Identity Systems Market Development Complementary to more traditional forms of identification, digital identity verification systems can enhance the authenticity, security, confidentiality, and efficiency of

Global Pandemic Accelerates the Evolution of Transportation

Given the current trends across the globe, organizations that depend upon the continued growth of personal vehicle ownership will need to consider a plan-B scenario. While some companies will be able to adapt, others may find that their traditional business model has been totally disrupted. According to the latest worldwide market study by Juniper Research, Mobility-as-a-Service (MaaS) will displace over 2.2 billion private car journeys by 2025 -- that's rising from 471 million in 2021. Juniper believes that for MaaS to enjoy widespread adoption, subscription or on-the-go packages need to offer a strong combination of transport modes along with feasible infrastructure changes, high potential for data collection and low barriers to MaaS deployments. Mobility-as-a-Service Market Development The concept of MaaS involves the provision of multi-modal end-to-end travel services through a single platform by which users can determine the best route and price according to real-time traffic