GDPR stands for General Data Protection Regulation. As of the 25th of May 2018, the GDPR directive will be a part of all EU member states’ national law. To be able to tackle the rules and regulations of GDPR, private and public organisations working with personal sensitive data or equipment storing or processing data in any form, must adhere to the new regulation. Organisations must be prepared for the challenges posed when it comes to data storage and security. GDPR has extended jurisdiction, regardless of the company’s location – whether it resides in or outside of the EU.
Under GDPR, organisations in breach of the regulations can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements, e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines; e.g. a company can be fined 2% for not having their records under control (article 28), not notifying the supervising authority and data subject about a breach, or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors — meaning ‘clouds’ will not be exempt from GDPR enforcement.
Thanks for your interest. Lenovo or one of our Partners will be in touch with you shortly to tell you more about our offerings.