GDPR stands for the General Data Protection Regulation, an upcoming compliance regulation under the European Parliament. The overall goal of the regulation is to strengthen data protection across the EU, as well as data protection for EU citizens using online businesses and websites that operate outside of Europe.
The GDPR ultimately concerns personal data and the protection and security of that data on the part of website administrators. The GDPR is set to take effect later this year, in May of 2018, and under its requirements a website will need to maintain compliance or face the potential of various fines and more.
Under GDPR compliance requirements:
Organizations throughout the world that handle data for customers in the EU and for EU businesses will be responsible for meeting the requirements put forth by the GDPR or face possible consequences.
Under the GDPR compliance requirements, if a business is not able to meet the new EU compliance standard, the organization must notify a local data protection authority about the breach records within 48 hours or less. Failure to comply could result in fines of up to 4% of the organization's global turnover or €20 million.
To get GDPR compliant:
To show that your organization is prepared for a security breach and can prevent customer data from leaking, you will need to demonstrate that you have one or more encryption methods in place on your premises and for protecting customer data.
This means keeping items like your servers secure with full-disk virtual machine encryption, or checking that your host does the same. Storage devices that carry customer data will all need to have network encryption, any media that runs through your website will have to be encrypted with disk encryption, and any network that is responsible for administration practices on your website will need to be enabled with high-speed network encryption. Strong key management for each customer account will also need to be in place to ensure that files and user accounts are well protected.
If you are unsure whether your business or website is currently compliant with the upcoming rules, you should get in touch so we can perform a site audit today. With the help of a full site audit, it's possible to determine the areas where your website or company is currently failing its compliance. By understanding and addressing the various areas where you can improve, you can become compliant.
By working with a GDPR compliance expert in web design and administration, we can make sure that your company website is compliant by May, as there are plans to do a series of rolling inspections, as well as the chance that you could be fined early on after GDPR goes into effect in May of 2018.