While any number of regulations have created compliance headaches for IT organizations, none may be more profound than the General Data Protection Regulation (GDPR) that the European Union (EU) plans to implement starting May 25, 2018.
Key components of a regulation that will affect any organization that interacts with a citizen of the EU include reporting any security breach within 72 hours, being able to export data pertaining to any individual on demand, and the ability to erase all data associated with any individual. Failure to comply with any aspect of the regulation can result in a fine of up to 20 million Euros or 4 percent of an organization’s annual revenue, depending on which amount is higher.
To help organizations come into GDPR compliance, Veritas Technologies today made available a 360 Data Management for GDPR offering that combines several of its existing data management products with an assessment tool that helps organizations determine how much of their data is out of GDPR compliance. That offering includes data mapping and classification tools, analytics applications and data protection software along with access to Veritas experts that will provide the expertise needed to achieve GDPR compliance.
Zachary Bosin, director of solutions marketing for Veritas, says GDPR is about to become a major data management challenge for organizations around the world that interact with any citizen of the EU. In fact, Bosin says, Veritas research shows that less than a third of the organizations that interact with EU citizens are today in compliance with GDPR, which in addition to requiring specific data management capabilities also stipulates that organizations have to appoint someone to be their data protection officer.
“GDPR has become a mission-critical issue,” says Bosin.
Bosin says GDPR will force companies that do business in Europe to implement what amounts to best practices for data management. Despite all the security threats, most organizations today are still relatively casual in terms of who gets access to data within their organizations and how they manage that data. But come next year, any organization that does business within the jurisdiction of the EU is about to discover what securing and managing data at the most granular of levels is really all about.