Authentic8 Blog Category: GDPR

GDPR: A Deadline You Can’t Afford to Ignore

Illustration: GDPR: A Deadline You Can’t Afford to Ignore - Authentic8 Blog

by Steve Durbin, Managing Director, Information Security Forum

If your U.S.-based business deals with customers, employees or contractors in the European Union, the clock is ticking for you. On May 25th, the EU’s General Data Protection Regulations (GDPR) goes into effect.

It will affect you no matter if you have an actual presence in Europe or not.

At the Information Security Forum (ISF), we consider GDPR to be the most extensive overhaul of global privacy law in decades. It fundamentally redefines the scope and application of EU data protection legislation.

GDPR compels organizations worldwide to comply with its requirements — or face stiff fines and penalties. The regulation affects any organization that handles the personal data of European Union (EU) residents, regardless of where the data is processed.

Many US-based organizations are obliged to comply with the new standards. Given the global nature of e-commerce, cloud services, and communications platforms, few organizations will be able to completely avoid the requirements.

GDPR-in-a-Box: New Online Tool Helps Small and Medium-Sized Enterprises

Illustration: GDPR-in-a-Box: New Online Tool Helps Small and Medium-Sized Enterprises - Authentic8 Blog

The European Commission has published a new GDPR online tool to facilitate the application of its new data protection rules.

The General Data Protection Regulation (GDPR) takes effect on May 25th, 2018. The same rules apply to all companies offering services in the European Union or handling the protected data of EU citizens or residents.

This includes U.S. companies, even if they don't have subsidiaries in the EU. The new online tool was developed to assist small and medium-sized enterprises.

Guidance for practical application of GDPR

Knowledge of the new rules is not evenly spread. By some estimates, more than 80 percent of U.S. companies who will be affected (and may face stiff penalties if found non-compliant) have not adjusted their IT and data protection to the new GDPR reality yet.

The new website aims to help individuals, businesses (in particular SMEs) and other organizations to comply and benefit from the new data protection rules.

It includes GDPR basics -