Europe seems poised to finalize the terms of the EU General Data Protection Regulation by the end of the year. The EU GDPR is set to drastically change data protection law, including an increase in penalties for a breach up to 2% of a corporation’s annual global turnover. While these new laws will have a large impact on European businesses and IT professionals, the GDPR will also have an impact on US IT departments.
In a new article on Fierce CIO, I discuss the ins and outs of Why new European privacy laws matter to US CIOs and CISOs. The bottom line of the discussion is that organizations without offices in the EU can still be fined and prosecuted under the upcoming regulation. This means that US-based organizations should be just as prepared for the upcoming GDPR as European organizations.
The GDPR applies to businesses outside the EU that process personal data collected through offering services or goods to citizens in the EU. If you have any EU customers, the GDPR will apply to you. In the article, I discuss:
- The GDPR requirements on reporting a data breach
- The increased penalties under the GDPR (which could exceed $100 million or 2% of annual global turnover)
- How to prepare for the GDPR with the right technology, training and regular security audits
In order to help you navigate the change, Absolute collaborated on a video series exploring 14 questions surrounding the proposed regulation and how to become compliant, addressing questions on how to prepare for future changes, top threats, and particular concerns about mobile devices and social media. I also invite you to read about the Top 5 Things You Need to Know about the EU GDPR, then take steps to Avoid the Pitfalls of the New EU Data Protection Regime.
Absolute Data & Device Security (DDS) allows organisations to persistently track and secure all of their endpoints within a single cloud-based console. Computers and ultra-portable devices such as netbooks, tablets, and smart phones can be remotely managed and secured to ensure—and most importantly prove—that endpoint IT compliance processes are properly implemented and enforced. Learn more here.