Any organization that handles personal data relating to individuals located in the EU will be strictly obliged to review, and potentially overhaul nearly all of their information management processes
The EU General Data Protection Regulation aims to catapult data protection into the era of big data and cloud computing, ensuring that data protection is a fundamental basic right uniformly and consistently regulated throughout Europe. Any company that serves European customers and collects their data will have to abide by this law - even companies based and handling that personal data outside Europe.
The regulation empowers the Data Privacy Authorities in Europe to impose fines for serious infringements of up to 4 percent of annual worldwide turnover or 20 million Euro, whichever is the greater. The magnitude of fines that can be levied virtually ensures that data privacy will become a board-level issue, as non-compliance with the GDPR presents a significant financial and business risk.
“The GDPR is the biggest change to data protection laws in almost 20 years. People and businesses will profit from clear rules that are fit for the digital age and give strong protection,” said Matthew Ellard, Senior Vice President, EMEA at Veritas. “Any organization that handles personal data relating to individuals located in the EU will be obligated to review their information management processes. Veritas is committed to helping them to get control over their data, gain visibility and insights, so they can demonstrate compliance to GDPR.”
The regulation will be enforced in May 2018, so businesses have two years to prepare for the GDPR. A business that finishes this task earlier will not only benefit from getting their data under control - stronger information management will help them to use their storage resources more efficiently and to win valuable insight into the data they are storing.
Hoarding Culture Creates Dark Data
The GDPR introduces new principles like “the right to be forgotten” and notification obligations. Therefore in certain circumstances, a company must completely erase personal data within a certain period if a user requires it. Also individuals affected by a data breach must be notified without undue delay if any of their personal information has leaked into the wrong hands and that leakage presents a serious threat to their rights and freedoms.
Unfortunately most companies don't understand the composition of about half of the data they are storing. According to recent research from the Global Databerg Report, 52% of all information currently stored and processed by organizations around the world is considered ‘dark’ data, whose makeup is unknown. This lack of visibility will make it hard for organizations to find the right data quickly.
Turning on the Lights
To moderate their risk, companies will have to understand their data including the significant portions of dark data that are stored in a fragmented way across on premises and cloud infrastructure. Veritas provides solutions and services to illuminate dark data by: