A Compact Guide of the General Data Protection Regulation

Jun 18, 2018
How your business processes and handles data is now changing. The reason for this sudden change is the new General Data Protection Regulation, or GDPR. In this post, you are going to learn everything you need to know about the GDPR and how this regulation will affect your business.

On May 25, 2018, the mutually agreed General Data Protection Regulation came into force, making Europe the world's mightiest data protection location.

You need to understand that the data protection rules were last reconfigured back in the 90s, and they have always struggled to keep up with the latest technologies. With GDPR in the fold, the handling of customers' information in private and public sector organizations will change drastically. This reform will also empower customers, as they will now have more control over their information.

Many experts in the field believe that GDPR will prove to be a big step in the effort to change the level of data protection. Still, they conclude that it is just an evolution; we cannot classify it as a revolution yet.

Let's understand what GDPR is.

Brief Introduction of GDPR

The GDPR, aka the General Data Protection Regulation, is a new framework that defines the data protection laws in Europe. It replaces the previous data protection directive of 1995. As per the GDPR website, the legislation is designed to harmonize the data protection laws all over Europe. It aims to give customers more data protection and rights than ever.

The discussions and negotiations took more than four years to reach the final terms. The regulation was then presented to and accepted by both the European Council and the European Parliament in April 2016. At the end of that month, the final draft of the regulation and directives was published.

The council decided to give businesses and public bodies time to prepare, and after two years it came into force in May 2018.

What Did GDPR Replace?

This is the question most of you are probably wondering about. The first thing you must understand about GDPR is that, although it has been accepted by the entire European Council, every single country still has the right to make its own changes. In the United Kingdom, the government has created a Data Protection Act (2018) to replace the old 1998 Data Protection Act.

When the law was passed, it faced a lot of controversy. It was then amended several times to make sure that abuse of data stops.

How Will This Regulation Affect My Business?

In a nutshell, it will affect your company. If your business controls any customer data, you are covered by GDPR. The ICO website stated that “If you are currently subject to the DPA, it is likely that you will also be subject to the GDPR”. All personal and sensitive data is covered by GDPR.

In a nutshell, personal data is a complex category of information that can be used to identify a person. It includes name, address, IP address, and so on. Sensitive personal data usually includes information about religion, genetic data, sexual orientation, political views, and the like.

Broadly speaking, the definitions are pretty much the same. The only thing that differs in the new GDPR is that pseudonymized personal data can fall under the law if it's possible that a person could be identified by an alias.

So, What's Different Here?

If you glance over the 99 articles of the General Data Protection Regulation, you will see that it sets out many rights for individuals, and that all the obligations on organizations are covered by the regulation.

There are 8 rights that empower an individual. These give the individual access to view the information held by the organization. In simple words, you can see what data an organization keeps about you.

Helen Dixon, the data protection commissioner for Ireland, who has major technology company offices under her jurisdiction, says the new regulation was needed and is a positive move. In the build-up to GDPR, she said startups need to have more awareness of the rules.

"One of the issues with startups is that when they're going through all the formalities new businesses go through, there's no data protection hook at that stage," Dixon said.

You must be wondering!

What Will GDPR Preparation Cost My Organization?

According to PricewaterhouseCoopers, aka PwC, 68 percent of all US-based organizations expect to spend $1 million to $10 million to meet GDPR requirements. An additional 9% expect to spend even more than $10 million.

As the deadline for application was May 25, expectations are pretty high now. Some recent surveys, such as the Propeller Insights survey from March 2018, pointed out that most companies are willing to spend less than $1 million. To be exact, only 36 percent of respondents are willing to spend between $50,000 and $100,000, and 24 percent of respondents will spend $100,000 to $1 million. The bummer is that only 10 percent of companies are willing to spend more than $1 million.

Let Us Know Your Thoughts

So, what are your thoughts on that? Does it affect your business too? Let's have a discussion about shaping your data protection policies. We can help you bolster your security layer. Seasia Infotech is adept at providing services for data security. Bon voyage for now!

About Author

Uschie works as an Associate Vice President at Seasia Infotech, a CMMi Level 5 certified software development organization, in its office in Mohali, Punjab. She heads and manages Mobile Solutions in the organization and is responsible for managing key accounts and for designing and building the most suitable software solutions across various domains, viz. e-Commerce, Education, Healthcare, Publishing, Retail, Manufacturing and more, for clients across the globe.