1. The EU is currently finalizing the new Data Protection Regulation and it will likely become law this year.
The European Parliament voted in favor of the proposed regulation by an overwhelming majority in March 2014. The regulation still needs to go through further steps before it becomes law. However, based on the near-unanimous support so far, it is widely anticipated that it will be adopted in 2015.
2. Everyone who holds data on European citizens is affected, even if you’re not located in the EU.
The proposed legislation will require everyone who holds data on European citizens to implement appropriate security measures to protect the data, and have a clear data protection policy. That data may include names, photos, email addresses, bank details, posts on social networks, medical information or a computer’s IP address.
If you do business with customers in Europe, that means you need to comply!
3. Fines for non-compliance could cost millions.
Under the proposed legislation, if you suffer a breach of personal data you can incur fines of up to €100 million or 5% annual turnover. Plus you will have to notify affected customers of the breach, with all the associated costs and loss of reputation.
4. Encryption is the best way to secure personal data.
Encryption is widely agreed to be the best data security measure available as it renders the data unintelligible to unauthorized parties in cases of data loss.
If you can show that the personal data was encrypted, the likelihood of being fined as a result of a breach should be very greatly reduced, and you don’t need to notify affected customers about the breach.
5. Lots of businesses aren't ready yet, but you can reduce your compliance risk.
SpecTronics works with a variety of specialist data security solutions. If you don't already have systems in place, or you're not sure what you need to be doing, get in touch with your SpecTronics Account Manager to discuss your options.