What does GDPR mean? Chances are that you have seen this term thrown around recently, especially because the deadline for its implementation, May 25th 2018, is drawing nearer. If you own a company registered somewhere in the European Union, or if you have a company that deals with the personal data of citizens of the European Union, then your company is bound by the provisions of this regulation.
There were many debates as to the final text of the GDPR, but the members of the EU parliament finally agreed on the text back in 2016. For those of you who are unaware – GDPR stands for General Data Protection Regulation. And as we’ve mentioned in the previous paragraph, this regulation will be enforced on 25 May 2018.
So, where does this leave you? If you’re bound by the provisions of this regulation, then you will need to take immediate measures to comply with it before the deadline comes. If you fail to do this, then you may face severe penalties.
In fact, the penalty for non-compliance after the deadline may rise all the way up to 20,000,000 euros – and even more than that in some cases.
GDPR is an update of the now obsolete Data Protection Directive 95/46/EC. It concerns the personal data of the citizens of the EU. Companies will now have to deal with much stricter standards of control over how they use the personal data of EU citizens.
What was once considered innocuous information, such as the cookie data or the IP address of users and clients, is now to be held on the same level as extremely sensitive personal information like the name of the person, his or her address and his or her security number.
A ‘reasonable level of protection’
The exact wording of the provisions of GDPR leaves some freedom of interpretation. The wording is that companies will now have to provide a reasonable level of protection for the personal data of EU citizens. But nobody can really say what a ‘reasonable level of protection’ is. This vague wording may cause a lot of trouble down the road when the GDPR is enforced.
But what you can do for your company is to do your best to implement most of the guidelines and provisions of the GDPR as quickly as possible, and especially before the deadline. You may need some money to do this – it’s estimated that a large number of companies will have to spend up to 1 million dollars for this purpose alone.
And hopefully, by the date of the official deadline, you will manage to implement the provisions of the General Data Protection Regulation for your company and avoid the steep fines that you may face if this is not the case.
Either way, we believe that this is a good regulation and that its effect will come in the form of increased protection of the personal information of EU citizens.