What is GDPR?
The General Data Protection Regulation (GDPR) harmonizes data privacy laws across Europe to protect all data belonging to EU citizens and residents. While organizations that sell or market to the EU must be compliant by May 2018, there’s potential opportunity for a new level of business growth.
You can get fined up to €20,000,000 or 4% of total annual global turnover, whichever is greater, for the most serious infringements.
Look beyond compliance, leverage the benefits
Although GDPR may appear to be an immediate challenge, there’s potential opportunity for a new level of business growth. And those who adopt early, which is now, can leverage the benefits.
People living in the EU
- Personal data belongs solely to the individuals
- Well-defined boundaries for privacy
- Ability to engage with businesses in a trustworthy and transparent manner
- Be certain about the integrity of the data you process (i.e. no false leads)
- Build brand loyalty with customers that now trust your company even more
- Target the right customers with the right material to enhance your customer experience
What’s the impact?
GDPR is not limited to businesses that operate in the EU, so if your organization markets or sells to the EU you’ll have to be compliant too. The regulation’s definition of “personal data” is not just limited to a name, postal address or telephone number, etc. Instead, it covers any information that can be used to uniquely identify an individual like online identities, website cookies, and IP address.
WSO2 offers the key technology enablers required for digital transformation and is trusted by globally recognized brands across many industries.
We can offer you a digital transformation solution that capitalizes on GDPR to accelerate your business growth.
WSO2 Identity and Access Management (IAM) along with secure WSO2 API Management help to address the new requirements of GDPR, such as customer data privacy, a self care portal to enable customer rights defined in the GDPR and full scale consent lifecycle management. The WSO2 IAM solution also supports secure identity provisioning across systems in a GDPR compliant manner.
What are the customer rights?
GDPR defines consent as any freely given, specific, informed and unambiguous indication from individuals to legitimize an individual's personal data by the processing organizations. The processing organization should be able to demonstrate proof of consent and allow individuals to review previously given consents and withdraw it if necessary.
Privacy by design and privacy by default
GDPR states that the processing organization should adopt internal policies and implement measures that meet, in particular, the principles of data protection by design and data protection by default. A data protection impact assessment will help you achieve this by ensuring that all personal data collection, processing, storage and destruction measures are designed to secure privacy.