If you haven’t heard about it by now, it’s time you learned more about the upcoming EU Data Protection Regulation, which applies to anyone collecting data on European Union citizens.
What does the regulation say about your responsibilities to protect personal data? Here are five things you need to know about the regulation and what you need to do to get compliant.
1. The EU is currently finalizing the new Data Protection Regulation and it will likely become law this year.
The European Parliament voted in favor of the proposed regulation by an overwhelming majority in March 2014. The regulation still needs to go through further steps before it becomes law. However, based on the near-unanimous support so far, it is widely anticipated that it will be adopted in 2015.
2. Everyone who holds data on European citizens is affected, even if you’re not located in the EU.
The proposed legislation will require everyone who holds data on European citizens to implement appropriate security measures to protect the data, and have a clear data protection policy. That data may include names, photos, email addresses, bank details, posts on social networks, medical information or a computer’s IP address.
If you do business with customers in Europe, that means you need to comply!
3. Fines for non-compliance could cost millions.
Under the proposed legislation, if you suffer a breach of personal data you can incur fines of up to €100 million or 5% of annual turnover. Plus, you will have to notify affected customers of the breach, with all the associated costs and loss of reputation.
4. Encryption is the best way to secure personal data.
Encryption is widely agreed to be the best data security measure available, as it renders the data unintelligible to unauthorized parties in cases of data loss.
If you can show that the personal data was encrypted, the likelihood of being fined as a result of a breach should be greatly reduced, and you don’t need to notify affected customers about the breach.
5. Lots of businesses aren’t ready yet, but you can reduce your compliance risk.
Take our 60-second compliance check to see if you are at risk from the proposed regulation – plus, learn how to secure your data and avoid breaches. Download our free whitepaper and sample data protection policy to get started, and visit our resources page to see how Sophos can help.