Blogs > General Data Protection Regulation
July 24, 2018 Jesse Bickerton
You might have noticed that every website has been updating their privacy policy these days. This is because of the General Data Protection Regulation (GDPR). As of May 25, 2018, the GDPR “regulates the processing by an individual, a company or organization of personal data relating to individuals in the EU.” This means that if your company or organization’s website can be accessed by someone in the EU and you collect user data, you must follow these new regulations.
What kind of user data? It covers any type of data, from basic identity information (like name or address) to more complicated data (like biometric or genetic).
As you can see, this effectively means that every company has to comply with the GDPR.
One of the major issues of the GDPR is the request for consent when collecting private data. Just like if you want to send email communications to someone here in Canada, you need the expressed consent of the individual to do so thanks to CASL. Similarly, the GDPR requires that websites now ask for your consent to collect personal information and this request must also be easy to understand and easily accessed.
The GDPR sets out a number of new terms and requirements for businesses and organizations have to follow. For example, a data protection officer must be appointed and required to keep internal records to verify that the regulations are followed. Any data breaches must be reported within 72 hours. For more information, check out the General Data Protection Regulation website.
Today, most websites have updated their policies to reflect the GDPR. Companies like Facebook, Google and Apple all have updated their policies to allow people to check out the information these websites collect.
Although complying to the GDPR seems tedious, it will go a long way to help companies and organizations ensure customer data is protected. With data breaches becoming the norm for big businesses, the GDPR should help increase customer trust in companies who collect, analyze or otherwise use customer data.
Jesse Bickerton, RAVEN5, July 2018
Sources
http://europa.eu/rapid/press-release_IP-12-46_en.htm?locale=en
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
https://www.eugdpr.org/the-regulation.html
https://gdpr-info.eu/key-issues/
https://www.theguardian.com/technology/2018/may/21/what-is-gdpr-and-how-will-it-affect-you
https://www.itproportal.com/features/the-negative-impacts-of-gdpr/