What You Need to Know About GDPR Compliance in 2020
In a few months, 2020 will be upon us. A new year (as well as a new decade) represents new opportunities. It also means that new legislation is either coming into effect or that new provisions of existing legislation will start being enforced.
In this article, we’ll explain what you need to know about GDPR compliance going into 2020 and how you can update your data privacy and data management practices accordingly.
What Do You Need to Know about GDPR Compliance in 2020?
GDPR (short for “General Data Privacy Regulations”) went into effect towards the end of May 2018. This sweeping legislation controls the way companies use data of EU citizens. If you’re not a business located in the EU, don’t ignore GDPR because it applies to companies across the globe.
Under the GDPR, firms must ensure that information is gathered legally, that it’s not exploited, and that the rights of data owners are protected. If the EU finds that you’re not compliant with GDPR, you’ll face fines ranging anywhere from €10 million to 4% of your company’s annual global turnover. No matter how successful your firm is, you can’t afford fines that high – they’re bad for your bottom line and reputation alike.
GDPR: Not the Only Data Privacy Legislation You Need to Know About
If you think GDPR is the only data privacy legislation you should be aware of, think again. In 2018, California passed its own law about consumer data privacy called the California Consumer Privacy Act (CCPA for short, also known as AB 375). It will go into effect at the beginning of 2020.
The CCPA allows any California consumer to see all information a firm has saved on them, in addition to a full list of third parties with whom the company has shared that data. A consumer can sue a business if the data management regulation has been violated, even if there hasn’t been a breach.
What Can You Do to Comply with GDPR and Other Data Privacy Regulations in 2020?
With that in mind, what steps can you take to comply with GDPR and similar data privacy regulations in the coming year?
The first step is to further educate yourself on what these laws mean for you. Syncsort has identified seven principles of GDPR (which are applicable to CCPA as well):
- Understand your data
- Think about how to ask for customer consent for data
- Assess your security measures
- Provide access to information
- Train employees carefully
- Ensure GDPR compliance throughout your supply chain
- Use data fairly and properly
The right tools go a long way in helping you comply with GDPR and other data management laws. Mainframes in particular play a vital role. They encrypt as well as mask personally identifiable data with pseudonyms. IBM’s z14 series provides pervasive encryption of all data both at rest and in flight, and IBM’s InfoSphere Optim Data Privacy has extensive data masking capabilities.
Make 2020 a successful year, and stay compliant with data privacy regulations with the right solutions. To learn more, browse our products.
If you want to learn more about GDPR, be sure to read our eBook on Data Quality-Driven GDPR.