The most popular and comprehensive Open Source ECM platform
Security and Data Privacy: GDPR is only Months Away, Yet Businesses (and Regulators) are not Prepared
If you wonder what GDPR is, you aren’t alone. A survey of US businesses found that 98 percent aren’t sure of the specifics of GDPR. That’s partly understandable since GDPR is an EU regulation that is due to go into effect next year, March 2018. GDPR addresses data protection and had has much more stringent requirements for managing data and privacy rights. Enforcement of the law will be done in 28 different countries.
But while many in the US are unaware of GDPR, the level of awareness about privacy and data protection is high. 96 percent of US businesses say that the importance of data privacy is growing, and 98 percent of businesses say successfully getting a handle on privacy management is very difficult and complex.
To meet GDPR successfully, 98 percent of businesses in the US say that they will need to invest more, particularly in technology tools for automating and operationalizing data privacy. 61 percent say that they have not considered or begun preparations for GDPR.
Do US companies doing business in Europe need to worry?
Nathalie Moreno, a partner at law firm Lewis Silkin, said that “when it comes to how the law is going to be enforced on foreign companies we are still awaiting guidance [from regulators]. I’m often asked how the regulators are going to enforce it, and my guidance is that there are some data-protection authorities that have a culture of fining and will continue to do so, while there are others that have more of a business-friendly approach, and they will carry on enforcing in that way.”
Townsend Feehan, CEO of IAB Europe, said that “we think because they [regulators] don’t have more staff to deal fairly [with each case], they will [target] symbolic cases, and some of that enforcement may be arbitrary and unfair.”