Does your firm or startup have a presence in the European market? Does your company provide Information Technology and ITeS, pharmaceutical, financial or data processing services to European clients? If yes, then the clock is ticking and you must comply with the new, strict and nuanced GDPR framework introduced by the European Union for data handling.
To put new data protection standards in place, the European Union is rolling out the General Data Protection Regulation.
This regulation will come into force on 25th May 2018, and any non-compliance will attract a fine of up to 20 million pounds or 4% of the company’s global turnover.
What is GDPR?
Is it applicable to you?
Article 3 (Territorial scope) of the regulation categorically states that it will be applicable to all companies regardless of whether the processing takes place in the EU or not. Even if a company does not have an office or operations in the EU and only handles personal data of EU citizens, this law will be applicable to it.
What are the obligations for companies?
In order for companies to become GDPR compliant they must-
1. Warrant Data Security:
Companies are required to ensure that the data they are dealing with is protected from additional processing. For this purpose, the company must implement measures that safeguard the personal data of citizens from any unauthorised usage, loss, damage or alteration.
2. Monitor Data:
3. Effectively manage Data Breach:
Build a system to effectively handle personal data breaches. Implement appropriate measures to minimize the loss and notify the public authority of any such breach within 72 hours.
How to become GDPR compliant in India?
Companies require a robust programme to become GDPR compliant. In order to implement these rules, it is pertinent that every stakeholder of the company takes the requisite steps to become GDPR compliant. Accordingly, they must also train their employees on handling personal data appropriately. Also, they must-
1. Undertake data-detection activity:
2. Take prior consent:
3. Maintain a record:
The only way to save oneself from an unwanted hefty penalty is to draft a policy for handling consumer data in consonance with GDPR. So be aware of the changes, and prepare the required paperwork to comply with the new, strict and nuanced framework.