All right, I may be using the term “fun” lightly. For, while General Data Protection Regulation (GDPR) reflects European legislation, its effect is global.
The legislation is designed to protect European Union (EU) citizens’ personal data. The legislation, while enacted by the EU, applies to any company, anywhere on the planet, that receives data from the EU.
Enforcement kicks in as of May 25, 2018, and implications for businesses and organisations are significant. Consent is a key principal; businesses must use plain, clear language in seeking and securing consent for collection of data. EU citizens have the right to have their personal data erased, and to call a halt to further distribution of their personal data. Under GDPR, EU citizens have a right to access information on, among other matters, whether their personal data is being processed.
Career prospects must be strong for Data Protection Officers (DPOs), as organisations need to build data privacy and protection into processes from the outset. As well, organisations must notify individuals of data breaches within 72 hours of becoming aware of a breach.
No pressure, right?
Fines for non-compliance can be massive. There are two levels of administrative fines. In a worst case scenario, an organisation can be fined up to €20 million, or 4% of its prior financial year’s global annual revenues – whichever amount is greater.
It seems a common theme that small businesses will face the most substantial challenges in capacity to comply with the legislation. They don’t have the luxury of resources that are in place at larger organisations and multi-nationals.
Speaking of resources, it seems that more than a few assistants around the globe are already experiencing GDPR exhaustion. I also know that many of you have been inundated with emails asking you to confirm email subscriptions.
With that in mind …
Let me share a new twist on the knock, knock joke theme. Reader Susan H. tweeted this just a few hours ago.
Knock, knock. Who’s there? GDPR. GDPR Who?
I can’t tell you, as I don’t have your consent!
Seriously, though …
This has also impacted Exceptional EA. I encourage readers to take a minute to read my Privacy Statement, which you can also find under both my Home page and as one of the drop-down pages under About.
While we’re at it, and knowing that readers have been inundated with such material from all sorts of service providers, you may also want to have a look at my Disclosure page. That’s one of the three drop-down pages under About.
All this, of course, leads to the topic of my latest Weekend Poll. Let’s take an early look at GDPR’s impact on assistants’ lives.
How has GDPR legislation impacted you to date?
Please take a couple of minutes to complete the poll below. As always, I look forward to hearing what you have to say and will publish results early next week.