GDPR Will Dominate 2016 European Legal Security Forum

A big focus of the 2016 European Legal Security Forum (July 12 at 155 Bishopsgate, London) is on the General Data Protection Regulation (GDPR), which will require companies doing business in the European Union to better secure how they collect, store, and use personal information by 2018.

In keeping with the law’s central concepts of “data protection by design” and “data protection by default,” organisations must build stronger data security into their products and services and follow strict guidelines on how personal data may be used. Failure to comply will carry severe penalties of up to 4% of a company’s annual turnover (gross revenue). The law provides specific rules for data processors -- businesses that collect or manage data on behalf of a data controller:

Mandate to obtain consent: Organisations must get clear, unambiguous consent before collecting or processing an individual’s personal data.

Right to be forgotten: Data controllers will be required to delete an individual’s personal data upon request, unless there is a legitimate need for the organisation to retain the data.

Notification of data breaches: Data controllers must notify government authorities (and in some cases affected individuals) within 72 hours if personal data is stolen or compromised. However, this notice is not required if the stolen data is protected by persistent data encryption.

Data protection officers: Companies or government agencies that process sensitive personal information will be required to appoint data protection officers, who will be responsible for monitoring compliance with the law.

Severe penalties for violations: Companies can be fined up to 4% of their annual turnover (gross revenue) for failures to comply with basic data processing or transfer requirements.

Encryption will be a critical component across the GDPR compliance spectrum, and PKWARE’s Smartcrypt technology makes the process easy and ironclad. Additionally, we’ve produced a whitepaper to help companies navigate GDPR. You can get a copy of "GDPR: Preparing For Europe’s New Security Regulations" on our download page.