365 days until you MUST be compliant!
It is officially one year until the biggest data privacy regulation the world has ever seen will be enacted, the General Data Protection Regulation.
The scariest part of all? 54% of companies have not even started to prepare for GDPR. GDPR isn’t a choice, or something to keep in the back of your mind. It is very real and it’s happening now. It’s time to get prepared and become compliant or face the ultimate consequences.
You MUST maintain all relevant documentation on data processing activities. You MUST NOT keep personal data for longer than necessary. You MUST report any notifiable breach within 72 hours and you MUST adhere to the right to be forgotten.
But what does all of this mean? It means that should you fail to comply with any of these acts under the regulation, then you will be landed with a hefty fine of up to €20 million or 4% of your annual turnover, whichever is greater.
Companies are focusing more on the speed and effectiveness of their IT environment and less on data protection. 2016 saw the number of data breaches increase by 40% year over year, this fact along with the recent ransomware cyberattacks affecting the NHS and Nissan, prove that now more than ever, data protection should be in the forefront of every IT decision makers mind.
IT departments are going to have to become far more vigilant on detecting a breach, with only 72 hours to report to the relevant authority before facing repercussions. In the past, however, IT Governance suggest that it took organisations a median of 205 days before noticing a breach, with the longest recorded undetected hack lasting an incredible 2,982 days.
Want to know more? Click here to register for your FREE GDPR readiness workshop.