GDPR IS HERE | Is your business ready?

26
May
2018
382 Views

Disclaimer: We are not attorneys. Nothing within this post should be considered legal advice, but rather a spur to put your research hat on!

Does your company collect, maintain, or process personal data of individuals within the European Union (EU)?  If so, the General Data Protection Regulations (GDPR) will directly impact you and it is critical to be informed.

Why? Because the law takes effect TODAY!

This law gives individuals more control over their data and mandates how companies can collect, use and maintain the information.

The golden nugget of today’s article: Ensure all business partners are in compliance with GDPR. If you question a partner’s commitment to GDPR compliance, without hesitation you need to choose a new partner today.

US-based Companies are making this a priority.  Are you?


This implementation will require many companies to…

  1. Change current business practices.
  2. Write comprehensive data privacy policies and distribute revised contracts to all clients and partners.
  3. Verify that all internal and external company partners are GDPR compliant.
  4. Define several critical roles to ensure compliance: Data Protection Officer (DPO), Data Controller, and Data Processor.
    • A Data Processor can be an internal or external group. Anyone who captures and/or processes data on behalf of your company.
    • Prove consent of database contact information.

Okay, Marketing folks…

As of May 25th, companies have to prove consent of every existing contact in their database, otherwise, they have to be removed. The recommendation is that if you’re worried about losing a significant portion of leads, then it is best to launch a re-engagement campaign. More information HERE.

This is not a topic reserved for executive leadership. You must educate your entire team on data and data flow. All departments need to be confident in their knowledge of the current data protection environment and your company’s specific procedures.

What is considered personal data?

“Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.”

  •   Name
  •   Address
  •   Identification Number
  •   Location
  •   Health Information
  •   Online Identifier
  •   Cultural Profile
  •   Changes in Technology

The reasons GDPR will affect US-based companies

GDPR applies to any organization located within or outside of the EU that offers goods or services to, or monitors the behavior of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

  1. Does your company website receive visitors from European Union countries? If yes, then GDPR applies to you.
  2. Do you have clients that reside within any EU territory? If yes, then GDPR applies to you.
  3. Do you have a partner, such as a data processing partner, that resides in or captures data from EU residents? If yes, then GDPR applies to you.
  4. Does your company utilize any marketing or analytics campaigns that capture data from individuals within any EU territory? If yes, then GDPR applies to you. We really liked how Forbes spells it out HERE.
  5. You could be liable for penalties even if non-compliance is 100% the fault of your data processing partner.
  6. Non-compliance penalties are huge. It is just not worth the risk.

Major industries expected to be most affected

  •   Marketing
  •   Technology
  •   Online Retailers
  •   Software Companies
  •   Financial Services

What are the non-compliance penalties?

First, a warning.

Next, a reprimand.

Then, a suspension of data processing.

Fines of up to 4% of annual global turnover or $20M+

2% for not having records organized
(This is important. Contact Secure Records Solutions for clarification)


What to include in your contract:

  1. Outline the specific responsibilities of all partners within the data capturing chain
  2. Define specific process for how data is managed and protected
  3. Define how breaches are reported

We suggest conducting a self-audit

We believe THIS is a great template.

GDPR regulates that your data must be both organized and secure. Secure Records Solutions does just that. Call us today for a smart, secure and scalable solution that will support your GDPR compliance.

Security made simple.

LEAVE A COMMENT

Our Latest Consulting Insights

phishing

Five Ways to Detect a Phishing Email Scam

Gone Phishing? It could lead to disastrous results. According to Symantec’s 2018 Internet Security Threat Report (ISTR), the average user receives 16 malicious spam emails or phishing attempts per month. Over the course of the year, that’s nearly 200 chances to accidentally give away a password, […]

Read More

scanning

What benefits does outsourced document scanning offer?

To Scan or not to scan, that is the question. For many rural hospitals, financial institutions, or businesses in highly-regulated industries, “just scan everything” is often the answer. While it’s seemingly the obvious solution, it’s never the easiest, and, in many times, it’s the most […]

Read More

documents

5 ways to create value with your documents

Despite the oppressive heat here in South Georgia, school is back in session. People are shaking off the lazy, hazy, crazy days of summer and jumping back into order and routine. There’s no better time to look at your document management routine and ensure that […]

Read More

Why do most document management software projects fail?

We hear it all the time: “We’re paperless.” “We have the latest, greatest software money can buy.” “We are cloud-based.” However, when we walk through the office, we see papers being shuffled back and forth and hard copy files being referenced. And then we realize, […]

Read More

How Can A Rural Hospital Reduce Risk & Expense?

The average rural hospital has an average 3,000 boxes of paper records even though they implemented EMR software a decade ago. Ninety-five percent of hard copy records will never be accessed, so scanning everything is an expensive, inefficient solution. Labor associated with managing medical records […]

Read More

Reasons SRS Does Business With Other Local Businesses

Secure Records Solutions is a local, family-owned and operated business here in Southwest Georgia. We strive to work with similar business partners because we know the positive impact it has on the economy of Southwestern Georgia. There are familiar faces in chamber meetings, at Rotary […]

Read More

Why Does NAID AAA Certification Matter?

Security FAQ for Finding a Document Management Company The 2018 Cost of a Data Breach Study from IBM Security reported that the average cost, globally, for each lost or stolen confidential record is $148 per record. That comes out to a global average cost of […]

Read More

Hurricane Preparedness Tips for Your Secure Records

Barry. Humberto. Karen. Wendy. You haven’t met them yet; but come summer, you just might. These are some of the 21 names chosen for this year’s storms. The Weather Channel recently released its hurricane outlook for 2019. A total of 14 named storms, seven hurricanes […]

Read More

Earth Day Sustainability

This past Earth Day, April 22, 2019, the hashtag #onegreenthing circulated around social media. Some companies donned green attire and took part in a recycling or clean-up project in their community; others shared images of people planting trees or taking part in an urban garden. Secure […]

Read More

GDPR IS HERE | Is your business ready?

Disclaimer: We are not attorneys. Nothing within this post should be considered legal advice, but rather a spur to put your research hat on! Does your company collect, maintain, or process personal data of individuals within the European Union (EU)?  If so, the General Data Protection […]

Read More

PRISM International & NAID Merge to Form New Industry Association

Secure Records Solutions was honored to participate in the 2018 PRISM International Summit this week as history was made with a vote finalizing the merger between PRISM International and NAID, two industry associations in which we were already very involved. Our Consulting Team Leader, Christopher Jones, first […]

Read More