|
Expert Answers to Biz Questions Listen in! Pick up some expert advice to a reader's question that we selected from CyberSchmooz.
GDPR - What do Small Business Owners Need to Know?
If you’ve been paying attention to the world of online data regulation recently then you’ve probably heard of the upcoming General Data Protection Regulation (GDPR). This wide-ranging regulation, for those unaware, aims to enable the better personal data protection of all European Union residents and visitors. This means that every website or business based in the EU, and all of those who interact with the EU, are required to adhere to strict rules governing what data is stored and which safety measures need to be put in place. In this article we’ll go over a few of the key points to help small business owners get prepared for these upcoming regulations. What Does Your Business Fall Under?There are two main roles which we will be looking at when it comes to your exact method of dealing with data under GDPR. These are Data Controller and Data Processor. A Data Controller, in this context, refers to any entity which itself determines the purpose and means of processing personal information and data. This includes companies which collect personal data from its employees and businesses which require online user payments. If your business engages in any similar activities then you will be affected by this regulation. A more direct example would be a business which sells online if you are either located within the EU or can do business with anyone in the EU. A Data Processor, according to the GDPR, is an entity which deals with processing data on behalf of the Data Controller. This includes those companies which process data like payment information which is passed to them by Data Controllers, such as payroll companies which process employee paychecks. Simply put – if your organization is handed the personal data of people in the EU, then you will be affected by this new regulation. Global InfluenceMany people have trouble with the fact that the GDPR will require a global effort. Remember – it deals with anyone who traffics in some way with personal data of EU residents, regardless of where that company is itself located. This means anything international, from the US and beyond, and so it is much further reaching than many realize. A simple mistake to make, but one which should be understood. What Can You Do?The specifics of these changes can take a while to implement, given that the GDPR includes 99 articles detailing data protection and enforcement rules. GDPR, however, is set to come into effect on May 25, 2018, and there are hefty fines for those not ready. In terms of data protection, we can narrow the articles down to a couple of most relevant sections:
According to this article, all data controllers must ensure both that personal data cannot be attributed to an identified or identifiable data subject, and that the only data which can be collected is that necessary for a specific, identifiable purpose.
In this article, the GDPR states that both data controllers and processors must implement measures which allow for the encryption or hiding of personal data, maintaining ongoing integrity and confidentiality, the restoration of availability post-breach, and testing of the involved systems. This should give you an indication of the changes you might be expected to make.
Small Business Tax Center • Idea Cafe Home • Sign Up • Biz Grant Center • CyberSchmooz •Coffee Talk with Experts • People in Biz Profiles • Starting Your Biz • Biz Planning • Running Your Biz • FREE Trade Publications • Marketing • Financing Your Biz • Human Resources • Legal & Biz Forms • Managing Your Biz • eCommerce • You and Your Biz • Gen X • Work@Home • The Fridge • De-Stress • Send an Award • Send an eGreeting • Yoga @ Your Desk • Web Guide • Idea Cafe in the News • About Idea Cafe • Advertise on Idea Cafe • Contact Us • Privacy Policy • Site Map • Small Biz News
Copyright 1995-2024, Idea Cafe Inc. Downloads are for personal use only, not for resale to others, and may not be reprinted in any form without written permission from Idea Cafe Inc.
DISCLAIMER: We hope whatever you find on this site is helpful, but be cautioned that it may not apply to your own situation, or be totally current at any given time. Idea Cafe Inc. and all of its current and past experts, sponsors, advertisers, agents, contractors and advisors disclaim all warranties with regard to anything found anywhere on this family of websites, quoted from, or sent from Idea Cafe. and its related sites, publications and companies. We also take no responsibility for comments published by others on these pages. TRADEMARKS: The following are Registered Trademarks or Servicemarks of DevStart, Inc.: Idea Cafe®, Online Coffee Break®, The Small Business Gathering Place®, Take out Info®, Biz Bar & Grill®, Complaint-O-Meter®, A Fun Approach to Serious Business, CyberSchmooz, and BizCafe.
|
|