What is the GDPR and How Do I Ensure My Business is Compliant?

The General Data Protection Regulation (GDPR) is a new European privacy law that goes into effect on May 25, 2018. It replaces the existing EU Data Protection Directive, also known as Directive 95/46/EC, and integrates data protection laws from across the European Union by applying a single, binding data protection law for all member states.

The new regulation represents a significant expansion of the existing directive. The changes were designed to strengthen individuals’ rights around consent when submitting personal data, as well as their ability to control that data after submission. This includes a section on data erasure called the “Right to be Forgotten.”

GDPR also spells out new policies and procedures for Controllers and Processors of EU data subjects. In that vein, here are some important questions that will help you determine the law’s applicability to your business, some tips for gaining compliance, and a look at how SingleHop is approaching the sweeping new regulation. If you want to delve further, take a look at the GDPR on the official website.

How do I know if GDPR will apply to me?

If you’re wondering why there seems to be so much coverage of GDPR in U.S. media, here’s the reason: The regulation applies not just to EU entities or those with operations in the EU, but to all organizations that hold or process an EU citizen’s personal data.

In light of that critical point, ask yourself these questions:

  • Does my organization process, transmit, or store EU client data?
  • What type of personal data does my organization collect/store?
  • Does my organization ensure it does not hold such data longer than is necessary?
  • Does my organization keep such data safe and secure, using a level of security appropriate to the risk?
  • Is encryption necessary to protect the data stored by my organization?
  • Does my organization limit access to ensure such data is only being used for its intended purpose?
  • Does my organization transfer such data outside the EU, and if so, does my organization have the necessary technologies and processes in place to protect such data?

If GDPR applies to me, what can I do to become compliant under the new law?

The following tips can be used as a guide to comply with GDPR. These recommendations should in no way be considered legal advice. If GDPR applies to your organization, you should consult with an attorney to guide you through the many complexities of the regulation and its applicability to your use case.

1. Understand the law – Know your obligations as they relate to collecting, processing, and storing data, including the law’s many special categories.

2. Create a roadmap – Perform data discovery and document everything – research, findings, decisions, actions and the risks to data.

3. Know which data is regulated – First, determine if data falls under a GDPR special category. Then, classify who has access to different types of data, who shares the data, and what applications process that data.

4. Begin with critical data and procedures – Assess the risks to all private data, and review policies and procedures. Apply security measures to production data, and then extend those measures to backups and other repositories.

5. Assess and document other risks – Investigate any other risks to data not included in previous assessments.

SingleHop’s Commitment to GDPR Compliance

The security of our global infrastructure is SingleHop’s number one priority. Since the law’s passage in 2016, our security and compliance team has been diligently preparing for implementation.

In addition to a thorough review and update to our customer privacy and security policies, SingleHop maintains EU-US Privacy Shield Compliance, enters into data processing agreements with its customers if GDPR applies to the processing of their data, and enters into sub-processing agreements with vendors when necessary. We’re also committed to offering first-rate, best-practice security services across all of our products.

For a full breakdown of our processing roles and responsibilities, as well as our commitment to customers as a data controller, please visit our GDPR page.

Victor Frausto

Victor G. Frausto is a Security Engineer for Singlehop, an INAP company. He began his career at Trustwave, working in firewall administration, before moving into corporate security. He graduated from ITT Tech with a Bachelor'...
