Easi Blog

Are you aware of the GDPR implications for your organisation?

Written by Nick Degeest | Feb 19, 2018 6:00:00 AM

I'm sure that by now you have already heard of the new European regulation called "GDPR" (General Data Protection Regulation). However, are you aware of the implications for your organisation?

The GDPR is an overhaul of the existing local and European data protection laws, which are mostly country-specific and no longer fit for purpose in the current digital age. However, about 80% of current privacy legislation is also part of the GDPR. The aim is to harmonise the protection of personal data across all EU member states.

The new regulation will have a wide impact across organisations that serve EU citizens (the "data subjects"). Simply put, if your company offers services or goods to residents in the EU, the law applies. It is important to know that this regulation was already adopted on 27 April 2016, but it will only become enforceable on 25 May 2018, the date on which it becomes binding and applicable.

Why would you prepare for GDPR?

If you fail to prepare for the new regulation, you might be facing the following risks:

  • Reputational damage: Not complying might leave the impression that the organisation is not correctly handling the personal data of its customers;
  • Loss of customers and business: Compliance might become a prerequisite demanded by current and potential customers;
  • Financial risks: Fines of up to 20 million EUR or 4% of the organisation's global annual revenue for the preceding financial year.

What can you do about it?

GDPR needs to be looked at from three different perspectives:

  • Privacy and compliance: Is your organisation taking the right actions in working towards compliance with GDPR?
  • Legal: Are you legally compliant with GDPR's requirements?
  • IT security: Are your IT infrastructure and organisation adequately secured and protected against, for example, data breaches or leaks?

EASI has in-house GDPR experts who are Data Protection Officer certified and ISO27001 certified and have more than 15 years of IT security consulting experience. They can assist you and your organisation in moving forward with GDPR from both a privacy and an IT security point of view.

In case your organisation needs a push in going forward with GDPR, let us know – we’re happy to get you started.