officesupport.net

In the wake of the disputed 2016 American Presidential election, one can only wonder how real the threat of cyber crime is. Is it just a myth? Is it worth all the fuss and finger pointing? Well, as much as I hate to be the bearer of bad news, cyber crime is in fact real. Carelessly handled data can be acquired by hackers who consider breaching internet security a piece of cake, and the risk is greater still if your current data protection mechanisms are outdated. In line with this, the European Court, together with the European Commission, came up with the GDPR (Global Data Protection Regulations) as a means to ensure that the personal and confidential information of EU residents doesn't fall into the wrong hands. It's imperative that you have secure data destruction standards.

Data Controllers & Processors All Rolled Into One

The implications of the GDPR are far reaching. Data controllers (agencies that collect personal data for whatever reason) and processors, who process the same information on behalf of data controllers, are now expected to comply with certain obligations. For example, processors are expected to:

* Draft confidentiality agreements and ensure that their employees adhere to any obligations set out. Non-disclosure agreements play a pivotal role in data protection.

* Prioritise personal data security and back up their obligations with notable results.

* Oversee the appointment of sub-processors and insist that they too be in compliance with the GDPR.

* Upon termination of the relationship giving the controller access to the personal information of its data subjects, destroy or return such personal data.

* Report any security breaches to enable affected parties to take disaster management measures. Data controllers must report any breaches to a supervising authority within 72 hours of a breach. However, it is only serious breaches that attract the most attention, as there is a de minimis rule concerning trivial breaches.


There's No Escaping The Long Arm Of The Law

It's evident from the original intention of the drafters that these regulations are not limited to members of the EU only. The GDPR will affect companies and organisations worldwide as long as they offer their services and goods within the European Economic Area (EEA) and the EU. So you don't have to be plying your trade in Europe to be affected.


Enforcement By Compliance Officers

Like any other law, the GDPR requires enforcers on the ground to monitor compliance. A data protection officer is ordinarily a person with a legal qualification. However, with data protection fast becoming an area of specialisation, educational institutions are now offering professional data protection qualifications to aspiring parties. Under the new law, controllers and processors must have compliance officers on the payroll.

This is all with a view to making industry players responsible to their clients. Many a time you see the news awash with stories of big companies and organisations savaged by cyber criminals. For you it's just another day on earth, what's new, right? However, your personal information can be stolen and used by people who don't have your best interests at heart.