The European Union is beginning to wind up its massive piece of legislation that will affect every country immediately after its implementation. Formerly known as the General Data Protection Directive, the new regulation will take immediate effect once it’s completed, which will likely be sometime in early 2016.
Business owners and tech experts alike are speculating on the possible ramifications of this legislation, and what it means to businesses that handle data for their customers. The regulation has far-reaching implications into European commerce, which could even impact international companies that do business in Europe.
The regulation is designed to protect customers’ information, and holds companies accountable for implementing appropriate security measures, as well as full disclosure of the information they collect. Companies will be expected to ensure that their customers’ information is secure and private, and to disclose any security breaches within a maximum of 72 hours – though the specifics are still being ironed out as the bill is finalized.
One major point to take note of is that businesses can actually be fined a minimum of €1 million if they don’t disclose a security breach to their customers in a timely manner. While it’s just a good honest business practice to disclose security information to customers, these issues will of course have an effect on a company’s reputation, and depending on the situation, ignorance on behalf of the business may not be enough to get them off the hook.
If there’s one thing I know about anything with online security, it’s better safe than sorry. All too often, companies have to release apologetic statements in minute print that their servers were compromised and there was a data leak, and I’ll admit it – I ask myself if I really want to continue processing transactions with a business that is having trouble keeping my information secure.
Here’s the thing though – you don’t have to lose customers, and you don’t have to be sneaky and hide a data breach until you’re slammed with a hefty fine. Though this regulation is still being finalized, it looks like there’s going to be a way to get around it. If the data that is compromised was encrypted, you actually don’t have to report the breach to your customers.
While the details of exactly how tough the encryption has to be are as yet unclear, it’s a really important thing to keep in mind as the New Year rolls around. If you process all of your customers’ data with strong encryption, even if a thief does get ahold of it, it’s extremely unlikely they’ll be able to decrypt it and do any harm with it.
Don’t wait until this regulation is rolled out to figure out how you’re going to handle it – start analyzing how your business manages data now, and look for solutions that encrypt it from the moment you receive it through the duration of its storage.
Manage your internet connection with software that encrypts it from start to finish, like a VPN. Virtual private networks use military-grade encryption to keep your data private and secure, so any data transfers you conduct over your business’s connection are completely safe.
As far as data storage goes, there are options there as well. Check out online backup services for secure data storage that’s geo-redundant and accessible, but still incredibly secure. They use end-to-end encryption to protect the information while it’s being uploaded and for the entire time it’s being stored.
It’s still up to you to pick reliable and trustworthy companies to protect your customers’ information, so be sure to browse some of our articles for the best VPNs and online backup services to protect your customers’ information. There’s a lot at stake already, but with new legislation on its way in Europe, there’s going to be even more.