Toledo Regional Chamber of Commerce | Toledo, OH

  • Benefits & Services
    • Employee Health Insurance
    • Cost Saving Benefits
    • Marketing Opportunities
    • Member Portal
    • Newsroom
    • Newsletter Archives
  • Talent & Workforce
    • Talent Attraction
    • Expand Your Talent Pool
    • Industry Sector Partnerships
    • Job Board
  • Starting/Growing Your Business
    • Small Business Development Center and Minority Business Assistance Center
    • The Ramp
    • Export Assistance Network
    • Export Success
    • Toledo Area Small Business Association
    • Learning Center
    • Business Development Resources
  • Your Government Relations
    • Public Policy Agenda
    • Endorsements & Voter Resources
    • Institute for Leadership & Advocacy >
      • Institute for Leadership and Advocacy 2023
    • Supporting Veterans & Families
  • Developing Young Professionals
    • EPIC Toledo
    • Summer in the City
  • Upcoming & Recent Events
    • Upcoming Events
    • Recent Events
    • Community Calendar
    • Clambake
  • Your Chamber
    • Become a Member
    • Membership Directory
    • Minority, Women and Disadvantaged Business Enterprise Directory >
      • MWDBE Directory Submission Form
    • About the Chamber
    • Blog
    • Board
    • Staff
    • Contact Us
  • Toledo Region
  • Benefits & Services
    • Employee Health Insurance
    • Cost Saving Benefits
    • Marketing Opportunities
    • Member Portal
    • Newsroom
    • Newsletter Archives
  • Talent & Workforce
    • Talent Attraction
    • Expand Your Talent Pool
    • Industry Sector Partnerships
    • Job Board
  • Starting/Growing Your Business
    • Small Business Development Center and Minority Business Assistance Center
    • The Ramp
    • Export Assistance Network
    • Export Success
    • Toledo Area Small Business Association
    • Learning Center
    • Business Development Resources
  • Your Government Relations
    • Public Policy Agenda
    • Endorsements & Voter Resources
    • Institute for Leadership & Advocacy >
      • Institute for Leadership and Advocacy 2023
    • Supporting Veterans & Families
  • Developing Young Professionals
    • EPIC Toledo
    • Summer in the City
  • Upcoming & Recent Events
    • Upcoming Events
    • Recent Events
    • Community Calendar
    • Clambake
  • Your Chamber
    • Become a Member
    • Membership Directory
    • Minority, Women and Disadvantaged Business Enterprise Directory >
      • MWDBE Directory Submission Form
    • About the Chamber
    • Blog
    • Board
    • Staff
    • Contact Us
  • Toledo Region

We believe in sharing your stories.

GDPR - Are you ready?

5/16/2017

0 Comments

 
Picture
By: Matt Hoverman, Director of IT Consulting, Gilmore Jasion Mahler, LTD 
The clock is ticking.  The deadline is just around the corner.  Do you know if your company will be required to comply with the European Union’s new General Data Protection Regulation (“GDPR”)?

Ask yourself:
  • Do we offer goods and services to people in the European Union (“EU”)?
  • Do we have third parties which store or send data to the EU?
  • Do we collect or analyze any data of EU residents?
  • Do we have any EU citizens as part of our workforce?
If you answered yes to any of these questions, congratulations! You now have one year to figure out how to comply with the new regulation and avoid significant penalties. The good news is there is still time to develop and execute an effective strategy for compliance, but it is going to take some work and most likely outside counsel from data privacy consultants and attorneys.

The new data protection law was adopted by the EU in April 2016 and is intended to bolster data protections for EU residents. The GDPR replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy. Companies, government agencies and non-profits interacting with EU residents have until May 2018 to comply. 

The GDPR defines scope as:
  • Organizations who offer goods or services to individuals in the EU (even if they are based outside of the EU)
  • Non-EU based organizations conducting monitoring activities in the EU which entail the processing of personal information
How does GDPR define what constitutes personal data?  Any information related to a natural person or ‘Data Subject’ that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address. This will pose a significant challenge to organizations to identify and control personal data.

Some of the key privacy and data protection requirements of the GDPR include:
  • Requiring the consent of subjects for data processing
  • Making collected data anonymous to protect privacy
  • Providing data breach notifications
  • Safely handling the transfer of data across borders
  • Requiring certain companies to appoint a data protection officer to oversee GDPR compliance
Basically, the GDPR mandates a baseline set of standards for companies that handle EU citizens’ data to better safeguard the processing and movement of personal data.

What is the cost of non-compliance? How about maximum fine of 4% of your total revenue or €20 million Euros (about $21.9 million dollars), whichever is higher. Companies can be fined if their outsourced data host or processor is breached, meaning your circle of control must extend outside your corporate walls.

While GDPR represents an important step forward for individual privacy rights, it will require vast changes and potentially significant investments by organizations around the world to comply. The good news is that existing privacy methodologies can be leveraged to assess potential gaps and provide guidance to the organization. The time is now to develop your plan of attack, dig deep into your data to better understand your potential exposure, and begin your journey towards compliance.

So where do you start?
  1. Start planning – if the processes hasn’t already been started, then get moving.  The significance of this regulation warrants a dedicated resource to oversee the adaptation of business processes in response to it.  Your first step should be to put together a team to develop and execute the strategy
  2. Review data management processes – the team should give consideration to the information your company currently holds.  They should review existing supplier contracts and conduct an assessment of what personal data the company currently stores, how it is being used, to whom it is being disclosed and where it is being transferred.  A full and comprehensive understanding of your current data privacy position will make life easier further down the line
  3. Put data breach reaction procedures in place – for a company that does not have existing procedures for notification of data breaches to the data protection authority, the creation of a protocol will be critical.  In the event of a breach, timing, accuracy and transparency are key and failure to respond appropriately could have significant consequences. 

Gilmore Jasion Mahler, LTD (“GJM”) has recently launched a GDPR networking series bringing together companies in our market that are working towards their compliance goals. This series is an important step in facilitating knowledge sharing and real life examples of how companies are attacking this issue.  If your company is interested in participating, please contact us at (419) 794-2000.

Contact:
Website

Picture
Matt Hoverman is a Director with Gilmore Jasion Mahler, LTD and leads the Firm’s IT consulting practice. He has spent his career helping businesses assess their IT risk level and creating a plan to maximize their technology investments.

Please contact Emily Dammeyer to submit a story for our blog.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016

    Categories

    All
    Advocacy And Public Policy
    Business Development
    Chamber Updates
    EPIC Toledo
    Events
    Membership Opportunity
    New Members
    Our Members
    Small Business Development Center
    Talent Resource Week

    RSS Feed

Copyright Toledo Regional Chamber of Commerce.  All Rights Reserved.
300 Madison Avenue, Ste. 200  |  Toledo, OH 43604
PHONE: (419) 243-8191 
Terms and Conditions
Picture