GDPR - European Union’s New Data Privacy Law

The most anticipated day has arrived. GDPR (The General Data Protection Regulation) comes into effect from today.

GDPR is a judicial substructure, which requires safeguarding the personal data and privacy of the natives of the 28 member states of European Union (EU). All the transactions, which take place within the European Union (EU) should be protected, according to GDPR.

This regulation is applicable to all organizations that work with the data of the residents of EU, such as banks, insurance companies, and other financial companies.

GDPR Compliance

As stated earlier, The General Data Protection Regulation (GDPR) gets into effect from today onwards.

If we could talk about the past discussions about GDPR - it took four years of contemplation for GDPR to officially be adopted by EU, since 2012.

This gave companies two years’ time to get GDPR compliant. Though, many businesses are yet not ready for it. Hence, the organizations that haven’t brought this regulation into effect will have to bear heavy consequences.

Industry Giants On GDPR

Let’s move on to understand the perspective of industry giants on the compliance of GDPR (The General Data Protection Regulation):

Discussing the trending topic of the day with Erik Andreson, Practice Leader of Cyber Security Services, F-Secure said that the proactive approach for data privacy and cybersecurity can come out with new kinds of business opportunities, together with the trust of your stakeholders. In lieu of searching for quick fixes to comply with GDPR, organizations should focus on the long-term sustainable improvements. Markets must work closely with the legal and IT departments over handling the personal data of customers they need for their strategic business objectives. He further added, “The regulation simply makes it the organization’s duty to assess and decide what types of measures shall be implemented to comply with the GDPR and to ensure that all precautions are undertaken to minimize the risk of data breaches by detecting breach attempts. In addition, the organization must be capable of notifying supervisory authorities of a breach within 72 hours after the attack”.

Srinivas Rao, Co-Founder & CEO, Aujas contemplating over the importance of digital security in the present times stated, “As the world is getting more and more digital with the proliferation of mobile phones and usage of the internet, it is very important for governing bodies to ensure that their people’s data and privacy are safeguarded. The digital economy can only flourish when you connect people, process, data and things in an ethical, meaningful and secure way. We feel that GDPR is a step towards that. The toughest aspect of the GDPR is its guidelines to adhere to the security policies by organization handling EU data in and outside of the state. In order to be compliant, businesses must begin by introducing the correct security protocols in their journey to reaching GDPR compliance, including encryption, two-factor authentication and key management strategies to avoid severe legal, financial and reputational consequences. India has evolved to become a technology hub equipped with deep expertise and GDPR could be an opportunity for Indian companies to stand out as leaders in providing privacy compliant services and solutions.”

We also had a word with Arun Balasubramanian, Managing Director, Qlik India on the compliance of General Data Protection Regulation. Arun remarked, “The GDPR applies to companies in Europe (specifically those in the EU / EEA), so it will affect an Indian company which has a European office or is marketing to European customers. The biggest challenge in meeting the requirements is understanding not only what personal data companies have in their multiple systems but also understanding the relationships of that data as well as who has access to it. This includes monitoring the consent and tracking of who opted in or out in for campaigns, newsletters, or petitions. GDPR is considered by many to be the highest global standard, and many countries have and will continue to strengthen their privacy laws in the near future”.

George Chang, VP, APAC, Forcepoint also optimistically commented, “While many may be worried about the implications of a new regulatory era, in reality, it will create trust and provide good practices that will benefit both the individuals and the business. These laws collectively present a positive business opportunity, when approached in the right way. Compliance can drive operational efficiencies, cost-savings and even fuel innovation. With strong data protection strategies in place, customers will place greater confidence in businesses, and businesses will minimize the all too common reputational and financial fall-out of a breach.”

To sum up, I would like quote Mark Zuckerberg, Facebook. As according to CNET, this is what he told the US lawmakers. He said, "I think the GDPR, in general, is going to be a very positive step for the internet."

Thus, your personal data would be safe from breaches from now on.