General Data Protection Regulation (GDPR)

Introduction
May 25, 2018 is fast approaching and with it the direct application of the European General Data Protection Regulation (GDPR) in all member states.

Companies of all sizes and industries that are based in the EU or even just process the data of EU citizens must comply with it. The EU GDPR describes a completely new data protection law, but it is very similar to previous regulations.

This Regulation shall apply to the processing of personal data wholly or partly by automated means and to the non-automated processing of personal data which are or are intended to be stored in a filing system.

When it comes to data protection, all companies have a lot to look forward to: the General Data Protection Regulation (GDPR) raises the rules for handling personal data to a standardized EU level and introduces fundamental – and in some cases serious – changes.

The regulations are already officially in force and must be implemented by May 2018.

The EU directives catapult data protection into the age of cloud computing and big data and aim to ensure that data protection is regulated uniformly throughout Europe as a fundamental right. Every company that maintains customer relationships in Europe and collects buyer data in the process must comply with the General Data Protection Regulation (GDPR). This also applies to companies that are based outside Europe and manage their data outside European borders.

When does the GDPR come into effect?
The EU GDPR came into force on May 25, 2016. We are currently still in a two-year transition period. The law will apply from May 25, 2018. Compliance will be monitored by the EU data protection supervisory authorities and courts or, in Germany, the federal states, which are currently establishing the necessary structures.
In Germany, the GDPR replaces the previous Federal Data Protection Act (BDSG) from 1995, which was completely outdated from today’s perspective.

Main requirements of the GDPR
The main requirements of the GDPR are divided into four fields of action.
1. Organization: All companies with ten or more employees require a data protection officer. This can be a suitably qualified employee or an external service provider. Seminars for data protection officers usually last three days and cost around 2,000 euros.

2. Processes: The most important requirement here is that the competent supervisory authority must be informed within 72 hours of a data breach being detected, as well as the data subjects if it is “likely” to result in a “high risk”.

3. Technology: The technology should correspond to the state of the art. Although this is very softly worded, the regulation should still be valid in ten years’ time. All future developments are already subsumed here. State of the art also means technology that is available on the market, has proven itself in practice and is also affordable.

4. Law:

Penalties – used to be more of a “minor fine”
A breach of GDPR regulations by a company can lead to fines and criminal prosecution. It is the first EU law to deal with data protection. The penalties for violations are draconian: up to four percent of a company’s annual turnover, or 20 million euros.

The right to be forgotten
As already mentioned, every company that works with personal data of EU residents is obliged to thoroughly review its information management processes. In future, this will also include new principles such as the “right to be forgotten” and reporting obligations. For example, a company may have to delete personal data within a certain period of time if a user requests this. Individuals affected by a data breach must also be informed immediately if their personal data has fallen into the wrong hands and this poses a serious threat to their rights and freedoms.
The problem is that most companies do not know the exact content of more than half of their stored data. The industry also refers to this as “dark data”, i.e. data whose content is unknown to the owner. This lack of transparency makes it difficult for companies to find the right data quickly and easily.


This information was taken in part from the magazine: “Das Storage-Magazin”.