GDPR Survey: Are You Ready?


(Image: Pixabay/Macedo_Media)

(Image: Pixabay/Macedo_Media)

The General Data Protection Regulation (GDPR) is designed to unify data protection and privacy rules for people who live in the European Union. Because the GDPR rules are about data, it's important for organizations to know what they need to do before the rules go into effect in 2018.

Some organizations may conclude that because the rules are designed to protect those who live in Europe, they may not need to worry about compliance. However, experts advise all companies who deal with data to pay attention to this new regulation that goes into effect in next year because it impacts anyone who does business with consumers in the EU, and the fines for non-compliance are very expensive. For instance, fines can be as much as 4% of a company's revenue.

Some experts even recommend that if you deal with consumers at all, you should conform to the regulations of the jurisdiction with the strictest regulation. If you follow that practice you are best able to ensure that you are protected from the kind of steep fines imposed by rules like GDPR.

To better understand the scope of challenges and opportunities on the road to GDPR compliance, SAS (the sponsor of this site) is conducting a 10-minute survey. Based on this report, SAS says you will be able to identify your organization's position in relation to other organizations.

Once you complete the survey you will receive the report with results on how your peers are preparing for GDPR, the SAS Guide on how to identify, govern, and protect personal data to reduce risk, improve compliance and avoid fines, and more information on SAS's five-step approach to support organizations' efforts to handling data in a way that complies with GDPR.

The first 200 respondents will also receive a copy of Jill Dyche's most recent book, The New IT.

You can access the survey here.

What do you think? Is GDPR on your radar? Is your organization taking steps to comply? Let us know in the comments.

Jessica Davis, Senior Editor, Enterprise Apps, Informationweek

Jessica Davis has spent a career covering the intersection of business and technology at titles including IDG's Infoworld, Ziff Davis Enterprise's eWeek and Channel Insider, and Penton Technology's MSPmentor. She's passionate about the practical use of business intelligence, predictive analytics, and big data for smarter business and a better world. In her spare time she enjoys playing Minecraft and other video games with her sons. She's also a student and performer of improvisational comedy. Follow her on Twitter: @jessicadavis.

Here Comes the Analytics Economy

SAS CMO Randy Guard provided a glimpse into the coming analytics economy during a keynote presentation at SAS Analytics Experience. GE Transportation business lead Garret Fitzgerald spelled out how that emerging economy would work via IoT and edge analytics in a specific industry, locomotive freight transportation.

The Future of Data Science: Augmentation, not Automation

Three industry leaders took the stage at SAS Analytics Experience and provided broad perspectives on how far we've come in analytics over the last 10 years and where we are today.


Re: Far and away
  • 7/3/2017 12:08:10 PM
NO RATINGS

Corporate influence is so strong in the US that passage and enforcement is a challenge at any level. As you noted, the supreme Court ruling empowers corporations to the level of super citizen.

Re: Far and away
  • 7/2/2017 11:49:03 PM
NO RATINGS

I'm sure that such a change could happen on a state level but it would be incredibly difficult to pass a law on the Federal level.   One of the worst things was to give companies the legal status of a living person and in truth companies have more rights than a living person. 

Re: Far and away
  • 6/30/2017 10:31:02 PM
NO RATINGS

Seth, fines are supposed to be a deterrent but they are as you noted nothing more than a nuisance to most major corporations. So fine amounts based on percentage of revenue is the only way to be punitive enough to get compliance. The EU's approach is more effective than ours.

Re: Far and away
  • 6/5/2017 7:19:21 PM
NO RATINGS

@Kq4ym :  If we had fines as a percentage I'm sure we would see very different behavior from major corporations where huge fines are more of a nuisance than a preventative.

Re: Far and away
  • 6/5/2017 7:17:35 PM
NO RATINGS

I'm really interested in seeing the results.  There are concepts in it that are not usually considered here in the U.S.; though there has been some case law on the subject.  One notable change is tha the concept of the right to be forgotten has been replaced by a more limited right to erasure.   There is an interesting debate between those who would advocate for more privacy and those saying it allows history to be rewritten.

Re: Far and away
  • 6/5/2017 10:25:29 AM
NO RATINGS

With the proposal that " fines can be as much as 4% of a company's revenue," one would think there's going to be lots of attorneys meeting with companies worldwide to make sure they don't run afoul of any regulations as they come online and as they surely will be be modified over coming years.

Re: Far and away
  • 6/2/2017 1:05:55 PM
NO RATINGS

..

The EU has a webside specifically about the GDPR:

http://www.eugdpr.org/

Here's a summary from their Homepage:

After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It will enter in force 20 days after its publication in the EU Official Journal and will be directly application in all members states two years after this date. Enforcement date: 25 May 2018 - at which time those organizations in non-compliance will face heavy fines.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found throughout this site.

They also provide "An overview of the main changes under GPDR and how they differ from the previous directive".

This bit particularly caught my eye:

Privacy by Design
Privacy by design as a concept has existed for years now, but it is only just becoming part of a legal requirement with the GDPR. At it's core, privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition.

This was of interest because we've had discussions here on A2 about the need to incorporate privacy and security directly into the design of systems. This GDPR should have the effect of encouraging a lot more effort in that direction ...

..

Far and away
  • 5/31/2017 8:51:03 PM
NO RATINGS

I look forward to learning more about the results (as soon as they're in!). Unifying the approach to data protection in the EU sounds like a good idea.

INFORMATION RESOURCES
ANALYTICS IN ACTION
CARTERTOONS
VIEW ALL +
QUICK POLL
VIEW ALL +