As of the 25 May, cyber security becomes a big issue for UK businesses, especially those that work with analytics, online advertising, and social media. This is the date the new General Data Protection Regulation (GDPR) comes into force, and the date by which every business that holds “personal information” about customers and clients should have adequate security in place.
The definition of personal data
The Data Protection Directive 95/46/EC defines personal data as “any information relating to an identified or identifiable natural person”. This can be information that can be used to identify a person directly, for example by name; or indirectly e.g. Head of Design at Brand X.
The reason the regulations are changing so dramatically for the first time in 20 years is down to how we can identify people in ever more complex ways, by an IP address for example, or DNA. Here’s what you should be aware of:
The new GDPR will have a big impact on online businesses
Now that online and unique identifiers have been categorically classed as personal data, online businesses will have to ensure that any data they hold is secure. This will be especially important for those businesses using analytics, or specialising in online advertising and social media.
This does not only apply to UK companies, it applies to any company that holds information about customers and clients in the EU. What about Brexit? For UK companies working solely with UK personal data, the post-Brexit situation is for the time being unclear. The advice is to comply with the GDPR and wait for further information.
Breach the GDPR and you could face a €20 Million fine!
A data breach is defined as “a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion.” If a company is deemed to have breached GDPR, it will be fined up to 4% of its annual global turnover, or €20 Million.
For more information about GDPR and what it means to you visit https://www.eugdpr.org/
Update 25/05/2018: Click here to listen to our GDPR spotify playlist!