Will You Be GDPR Ready by 25th May?
The EU’s General Data Protection Regulation (GDPR) comes into force in May 2018. Be ‘Regulation Ready’!
Almost a year ago, the European Union’s (EU’s) General Data Protection Regulation (GDPR) Act was ratified. Now 12 months on, companies are finally showing signs of taking the necessary steps to comply with the law that is considered the biggest ‘shake up’ in data protection history. Albeit slowly. But as the famous saying goes, ‘time waits for no man’ and this is certainly the case as the countdown to this overhaul continues in earnest…
From May 25th 2018, the GDPR will come into effect, significantly impacting the way companies operating in Europe and beyond, obtain, handle and eradicate the personal information of all living EU individuals. It’s a law that is designed to give a citizen full control over their personal data and how it is used, while holding global entities to account should they mismanage the information.
Non-compliance carries heavy consequences, with possible fines as steep as EUR20 million or up to four per cent of a firm’s global revenue for the previous fiscal year, imposed. It’s no surprise therefore, that corporations are already looking to modify their global systems now.
As the development partner of choice for 53 international clients, Niteco has also made it a top priority to start modifying the digital solutions it provides in a bid to help companies adhere to the fine print of the law.
But first thing’s first: are your ducks in a row?
No modifications can be made if there isn’t an accurate full scale digital footprint to look back over. Updating privacy policies and flagging up risks and potential breaches, is essential homework. Niteco’s Founder, Pelle Niklasson recommends that a comprehensive corporate analysis of every data system and process is conducted before any changes are made. He says, “Review and redraft your current privacy notices; be transparent about how you seek, obtain and record consent; and how you accurately identify and classify child customers.” In addition, Pelle points out that it’s critical to also make sure you know how you, as a company, will ensure you manage data breaches internally and with the affected customer, within the specified deadlines.
“It’s a time-consuming task” Pelle admits, “But it will potentially save you millions of Euros in fines, not to mention saving your brand reputation.”
And despite the United Kingdom’s (UK’s) eventual divorce from the European Union, early whispers suggest the General Data Protection Regulation Act will be transposed into UK law, meaning UK companies, or companies who operate in the UK are not getting a free pass anytime soon!
Do you need a Data Protection Officer?
The ramifications of the Regulation are so far-reaching that experts are recommending a Data Protection Officer is appointed at companies with employees of 250 or more. “It’s easy to think that the GDPR is a legal issue, but it’s not” warns Pelle. “The stipulations in this law and their weighty implications mean businesses have no choice but to adopt new ways of working and institute a watertight culture of safeguarding personal data.” Pelle believes that a Data Protection Officer can lead on the necessary steps needed to ensure a company is ‘Regulation Ready’ and can also be that helpful conduit between the company and their development partner. Pelle adds, “Companies which are thinking ahead are already asking us to review their data structures and system security to ensure they meet GDPR requirements.”
What should you expect from your development partner?
Although the onus is on the company to ensure compliance, working with a software development partner that explicitly appreciates the implications of the law on your business, is critical. After all, their insight and problem-solving capabilities could save you millions. “Don’t procrastinate!” advises Pelle, “Start talking with your software development partner and together, begin the planning and execution as early as possible so that your company is ‘Regulation Ready’.
Pelle Niklasson is founder and Chief Executive Officer of Niteco, a global software development company that employs 200 people in Vietnam, Sweden, the UK, USA and Australia. Niteco is the largest Episerver partner in the world, but also specialises in CMS and e-commerce using Sitecore, Wordpress, Sitevision, VirtoCommerce, Imagevault, InRiver and more. In addition, Niteco creates bespoke solutions using Microsoft, OpenSource and mobile technologies.
Find out more about Niteco by visiting our website: www.niteco.com