There’s a new challenge that lies ahead for businesses that have operations within the European Union. The new General Data Protection Regulation came into effect on 25 May, 2016, and will begin to be enforced on 25 May, 2018.
With the focus on protecting the fundamental rights and freedoms of natural persons and their right to the protection of personal data, the regulation establishes obligations and advantages both for private entities and public administrations.
Panda Security’s “Preparation Guide to the New European General Data Protection Regulation” introduces the new legislation to businesses before its application in 2018. Disregarding the application of the GDPR could lead to costly administrative fines of up to 20,000,000 euros.
Panda’s objective is to address the need to adapt data security practices and thereby give its clients a competitive advantage.
How will the GDPR affect businesses?
One of the main points of the white paper is that taking action only when an infringement has already occurred is insufficient as a strategy, since such a failure can cause irreversible damage to interested parties and can be very difficult to compensate for.
Here are some sanctions and other potential problems stemming from non-compliance with the GDPR:
- Direct or indirect economic repercussions. These could result from security incidents coming from outside the company or from a company’s own employees and collaborators.
- PR damage. Damage to your reputation could result from security incidents not being properly reported to the public.
- The loss of current or potential clients may occur when the company is unable to demonstrate that it is in compliance with the regulation.
- The risk of data-processing limits or bans imposed by data protection audits, which could affect the normal functioning of a company.
- The possible suspension of your service for your clients, which could induce them to leave your service or even take legal action.
- Reparations that interested parties will have the right to claim in case of infringement.
- Costly administrative fines that could reach up to 20,000,000€ or 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.
Panda Security, a partner in compliance with the new law
For organizations dealing with data, prevention is the core element of the regulation. We underscore the importance of working with vision and anticipation as a competitive advantage in business strategy.
Businesses that have put their trust in Adaptive Defense are already well on their way to complying with the GDPR. It offers:
- Prevention: Adaptive Defense features an internal audit system to verify the security status of the IT infrastructure at any given time, even before the solution is deployed. In the implementation of the action plan for compliance with the GDPR, it proves to be an invaluable tool.
- Protection of personal data processed on a business’s systems, stopping, for example, any untrusted process from running.
- Risk reduction, key activity indicators, and endpoint status, which help to establish security protocols.
- Tools to satisfy the requirement to notify authorities of security incidents within the first 72 hours after a breach.
- Control mechanisms and data management for the DPO, who will be notified in real time not only of security incidents, but also whether or not these incidents involve compromised personal data files.