GDPR: What You Need To Know


(Image: EtiAmmos/Shutterstock)

(Image: EtiAmmos/Shutterstock)

The General Data Protection Regulation, a European Union initiative to protect consumer data privacy, will impact organizations beyond Europe's borders. If you have any customers who are EU citizens or if you aspire to have them, this regulation will impact you.

To help you prepare for GDPR, which goes into effect in May 2018, AllAnalytics is compiling a list of resources and our own coverage of the rule. We also plan to update this page with additional coverage and resources as we add them.

Here's our list of coverage and resources:

A2 Radio: What You Need to Know About GDPR

There's a lot of noise about GDPR, and not all of that shouting is legitimate. For perspective and advice, listen to Todd Ruback, chief privacy officer and vice president of legal affairs at Evidon. Todd joined All Analytics Radio and provided a reasoned view into where some of the noise might be fear mongering, and outlined a practical approach to preparing for GDPR, particularly for US companies. He also made the case for why GDPR has a positive side for everyone.

How EU's Data Privacy Law Will Impact You

Although the Edward Snowden revelations of a US government surveillance program on citizens caused much consternation in the US they raised just as much ire in the European Union. That desire to see user data protected and not left at the whims of US corporations and intelligence agencies, is what's helped drive the implementation of the European Union's General Data Protection Regulation, a new piece regulation that could have far reaching consequences within the EU and beyond.

What Analytics Pros Need to Know about GDPR

Analytics experts beware, the European Union (EU) General Data Protection Regulation (GDPR) may require significant changes to your current personal data management, analytics, and reporting practices. Unlike privacy laws in other jurisdictions, the GDPR is applicable to organization of all types and sizes located in and outside the EU. It is due to take effect on May 25, 2018. You'll soon need a legal basis to justify collection and processing of personal data. Consent must be "freely given, specific, informed, and unambiguous." This will impact artificial intelligence, reporting, self-service BI, data warehousing, master data management, customer 360 projects, personalization and a myriad of line of business applications.

How to Get Ready for GDPR

Organizations around the world are getting ready for a new regulation that governs how they must handle data about European consumers, the General Data Protection Regulation or GDPR. Why are non-European companies preparing for this regulation? US-based consumers don't enjoy such protections. Indeed, US regulations appear to be going in the opposite direction if you consider the move in March to rollback broadband privacy regulations, enabling service providers to use consumer internet history to target advertising.But you don't have to be a European company to deal with European customers. Any organization that stores or touches data coming from Europe will need to comply with this new regulation or pay stiff penalties -- up to 4% of annual revenue.

The General Data Protection Regulation: What It Means and How SAS Data Management Can Help

This guide, written by data analytics vendor SAS, (the sponsor of this site) provides an overview and offers a step-by-step process for looking at this new regulation and figuring out what you need to do.  

Are You Ready for GDPR?

Take our Quick Poll and let us know where you and your organization are in terms of GDPR. Are you in the planning stages? Are you pulling your business out of Europe? Are you making a decision to not do business with customers there? Are you revamping your program? Vote in our poll, and if no answer fits your situation, please let us know in the Quick Poll comments what you plan to do.

Jessica Davis, Senior Editor, Enterprise Apps, Informationweek

Jessica Davis has spent a career covering the intersection of business and technology at titles including IDG's Infoworld, Ziff Davis Enterprise's eWeek and Channel Insider, and Penton Technology's MSPmentor. She's passionate about the practical use of business intelligence, predictive analytics, and big data for smarter business and a better world. In her spare time she enjoys playing Minecraft and other video games with her sons. She's also a student and performer of improvisational comedy. Follow her on Twitter: @jessicadavis.

Success Secrets of Top Omnichannel Retailers

It's a tough and changing environment for retailers. Yet some are enjoying continued success during turbulent times. We take a closer look at how they do it.

A2 Radio: Lean Analytics for 2018

Lean Analytics author Alistair Croll joins AllAnalytics radio to talk about how to apply the process for 2018.


Re: Is it over-reaching
  • 8/31/2017 1:02:40 PM
NO RATINGS

Ambiguity in laws and regulations arise because these statutes are attempting to address as wide of situations and circumstances as possible. So the language cannot be too specific and the generalities in the terms used leave too much for interpretation. That's what feeds lawyers and empowers unscrupulous entities.

Re: Is it over-reaching
  • 8/31/2017 9:16:41 AM
NO RATINGS

It may be interesting to see how lawyers and their companies might try to define the rules that "Consent must be "freely given, specific, informed, and unambiguous." What comes to mind is the fine fine print of many contracts and of course user agreements on the internet. Just trying defining "umambiguous." Solve that one and there will be no longer any use for courts.

Re: Is it over-reaching
  • 8/28/2017 11:15:36 PM
NO RATINGS

Seth, if there was a hearing before a passing vote, it most likely was a late add-on to the calendar and held late in the evening.

Re: Is it over-reaching
  • 8/28/2017 11:10:28 PM
NO RATINGS

@ rbaz, You're right.  Often these kind of regulations are a way to protect those already in a field or so cities and states can make money.

And I have a hunch that most of these kind of regulations pass in areas that do not give voters written explanations of what they are voting on.

In Milwaukee, WI, you need a license to go out of business.

Re: Is it over-reaching
  • 8/28/2017 11:06:12 PM
NO RATINGS

It sounds like a financial windfall was created for the suppliers of private investigator license requirements. You don't believe that special interest favor had anything to do with that, do you? On the surface it seems just lunacy but as they say, crazy like a fox.

Re: Is it over-reaching
  • 8/28/2017 10:48:54 PM
NO RATINGS

Alas regulation exists because as much as companies promise to behave and self-regulate the need to be more profitable always wins over eventually. 

Though there are some regulations that are down right weird.  For example "Texas now demands that every computer repair technician in the entire state acquire a private investigator's license to repair a computer. To get that license, you are required to have a degree in criminal justice or perform a three-year apprenticeship under a licensed private investigator"  Per Business Insider

 

 

Re: Is it over-reaching
  • 8/28/2017 6:56:17 PM
NO RATINGS

Enforcement may prove to be tricky and uneven because one need not have a physical presence, even a financial footprint in the EU to do business with entities there. Small companies may fall through that crack. If the data resides on servers in the US, that would be beyond their reach I would think. It will be interesting to see how it plays out.

Re: Is it over-reaching
  • 8/28/2017 5:55:01 PM
NO RATINGS

 

Rbaz writes

The EU appears to be heavy handed or possibly over-reaching, at least in comparison to regulatory measures in the US. We should remember that the regulations of today we're born of yesterday's excesses. 

That's one problem with the legal system and its officials as well as legislators: over-reaction. I hate to think of how GDPR will impact small businesses.

The SAS guide warns:

No matter where your business is located – Miami, Mexico City or Sydney – you're on the hook to comply with this regulation if you store or process any

EU consumer data, such as customer or employee data. And you'll need to be vigilant and rigorous in your efforts
...
Personal data is broadly defined by the GDPR as any data that allows for the identification of an individual, directly or indirectly. This includes things like name, address, birthdate or identification number as well as IP address, location data and any type of pseudonymous data.
...
To comply with the GDPR, you must have clear documentation and policies on how you handle personal data, including where it lives, how it's used and who is accessing it. But many organizations don't have a clear definition of personal data and may not know exactly where all their personal data is located at any given time.

While large global corporations probably can handle this, I can imagine European small businesses choking on all the red tape.

..

Re: Is it over-reaching
  • 8/28/2017 3:53:25 PM
NO RATINGS

To be sure they will test the limits as usual and where they come up short an alternate path will be found. Cat & mouse and wack-a-mole is the unending game. The EU is more consumer friendly.

Re: Is it over-reaching
  • 8/28/2017 3:13:43 PM
NO RATINGS

I suspect they will figure out some way around it.  In the meantime - I may move my accounts to Europe.  :-)

Page 1 / 2   >   >>
INFORMATION RESOURCES
ANALYTICS IN ACTION
CARTERTOONS
VIEW ALL +
QUICK POLL
VIEW ALL +