May 10, 2018

Ready or Not, GDPR is Coming! – WST

What do these letters mean exactly? Perhaps an acronym for a new technology or even better…a new regulation?  In this case it’s the later.  Any guesses? If you guessed, “Gosh Darn Privacy Rules” you are close.  They certainly involve rules and have a lot to do with privacy, a topic that has received a lot of worldwide attention recently.  And speaking of worldwide, it’s worth mentioning these new rules originate in Europe.  (Before you stop reading at this point and think to yourself… Why should I be concerned about some new set of offshore rules when my organization is here in the United States and I have my own regulations to worry about?)  Consider the fact that privacy rules are intended to protect individuals rather than organizations; and as a result of today’s connected society, it’s possible for any U.S. based organization (regardless of size) to have customers that reside across the globe.

With this perspective in mind, it’s worth becoming familiar with what these letters mean and if they may impact your organization.  At a very high level, the GDPR is new set of rules (regulations) established by the European Union (EU) to give its citizens more control over their personal data.  And like it or not, it may eventually become a template for future U.S. regulations. Although many of the possible mitigations focus on data systems and general IT, you may be surprised to learn how much of GDPR spans into marketing, retention, and even customer service processes.  The regulation has been in development for a couple of years, yet has only recently gained the attention of U.S. companies because of an impending compliance deadline of May 25, 2018.  Not surprisingly, like most regulations, it has a few key provisions which are applicable under certain conditions and are not always clearly defined.  The trick is figuring out if those provisions and conditions relate to your organization.   In an effort to help our clients become familiar with the potential impacts and navigate the seas of speculation surrounding GDPR, 10-D Security performed exhaustive research that has been summarized in the blog entitled: GDPR is coming… but what does it mean, and why should I care?

Past Weekly Security Tips – WST