Skip to main content

EU Parliament approval of GDPR marks a new era for data protection

After a whole lot of discussion and debate, new General Data Protection Regulations have been approved by the European Parliament.

In what has been described as a watershed moment for enterprise IT, the unification of Europe's multiple data protection regulations into one common law signals a new beginning for businesses and consumers alike.

Although it's expected that the rules won't be officially enforced for another two years, organisations will need to start preparing now to ensure compliance, with failure to do so potentially costing up to 4 per cent of annual worldwide turnover

Andrew Dyson, Partner and Co-Chair of DLA Piper's international privacy and data protection practice commented: “The GDPR is a landmark set of reforms that will significantly alter the way companies and consumers manage their data.

“Individuals will have now new rights to control how organisations use their data. They will have enhanced entitlement to know more about where and how their personal data files are being used and the ability to block or erase certain types of processing. We expect to see innovation in the way privacy policies are presented to consumers, with greater use of profile centres where individuals can dynamically control use of their personal information. Organisations that get this right will quickly build trust with the consumer as well as ensuring compliance with the new regime.

“Companies will need to invest in enhanced systems and processes to accommodate these new rights and have robust governance in place to manage compliance effectively. This is especially the case when looking at technologies involving big data analytics, cloud or the internet of things, which rely on the free flow of data to deliver cost savings, deepen customer relationships and drive innovation.

“There is no doubt that the GDPR is timely, coming at a point where our digital footprints become ever larger and the risk of data breaches more pervasive. With a two year window to prepare, now is the time for companies to implement the changes needed to ensure the GDPR enables rather than hinders digital growth.”

Image source: Shutterstock/Den Rise