The EU General Data Protection Directive (Directive 95/46/EC) is designed to protect all personal data collected for, or about, citizens of the EU, in particular as it relates to processing, using, or exchanging data.
The European General Data Protection Regulation (GDPR) is designed to harmonise the current data protection laws in place across the EU member states. It introduces guidance as to how customer data should be stored and, most significantly, how companies must respond in the event of a data breach.
In the event of a breach, the EU General Data Protection Regulation enables companies to be fined up to €20 million or 4% of their global turnover – whichever is higher. However, this value is arguably just the tip of the iceberg when it comes to the total cost of the breach once knowledge of it becomes public.
When a data breach occurs, companies have 72 hours to inform the regulator and are also required to inform individual data subjects of data breaches ‘without undue delay’.
Under the EU General Data Protection Regulation, no business will be able to hide a breach from the public eye. For data security professionals, the pressure is on to prevent data loss incidents from happening in the first place and ensure that your business won’t be making the next big data breach headlines.
What are your responsibilities under the Directive?
The following provisions have been identified by stakeholders as those likely to cause additional costs for businesses:
- Subject access request (Article 12);
- Breach notification within 72 hours (Article 33);
- Data protection impact assessments prior to risky processing operations (Article 35);
- Obligation to appoint a data protection officer (Articles 37‐39); and,
- Imposition of large fines for failure to comply (Article 83).
How can Boldon James help?
The industry-leading Boldon James Classifier is designed to reduce data loss incidents and improve DLP solution effectiveness. Visual labelling enhances your workforce’s awareness of the value of the data they are using, whilst metadata labels facilitate more effective application of data security, data management and retention policies.
Boldon James Data Classification products support compliance with EU Data Protection Regulations by:
- Allowing users to identify key data & make decisions about how it is stored and transmitted
- Classifying or labelling to identify data which requires special handling
- Educating users about the sensitivity of data whilst ensuring adherence to corporate policy
- Alerting users when personal data is leaving the organisation to warn or prevent them from sending messages that contain sensitive information
- Providing critical audit information on classification events and activity
- Enabling rapid search and data retrieval