Following four years of deliberation, the European Union parliament finally approved the GDPR last year and will be enforced as of may 25, 2018. The regulation is set to raise the standards for the processing of personal data to individuals in the EU and failure to comply with the regulation will result in costly penalties of either €20 million or four per cent of annual turnover.
Last year, large companies like Uber and Yahoo reported data breaches that resulted in personal data being leaked to unauthorised parties. The implementation of the GDPR will force businesses to take the necessary steps to ensure that the handling and storage of data is safe and secure. The current data protection regulation was introduced in 1980 and so it does not account for technological developments like social media. The GDPR will now position companies so that they must actively seek explicit permission from individuals to store their data. This includes outlining how the information will be used and what for.
The scale and breadth of changes to be made will vary between companies, depending on their current data processing policies. However, it’s important that all businesses understand how to leverage the competencies of their departments to make the transition smoother.