Today’s cloud applications are highly contextual, massively scalable, always-on, distributed across data centers and geographies, and able to manage data and insights in real time. This means they pose incredible risks for non-compliance with the GDPR and also for hefty, potentially catastrophic fines.
2
USING REAL-TIME DATA MANAGEMENT TO DRIVE GDPR COMPLIANCE
Cloud Applications
and GDPR
The European Union’s new General Data Protection
Regulation (GDPR) goes into effect on 25 May 2018 and
applies to all organisations that process European
residents’ personal data. It’s an update of the 1995
Data Protection Directive and its most noteworthy
change is the increase of maximum violation fines from
£500,000 to up to 4% of a company’s global turnover or
€21 million (whichever is greater).
Today’s cloud applications are highly contextual,
massively scalable, always-on, distributed across data
centers and geographies, and able to manage data and
insights in real time. This means they pose incredible
risks for non-compliance with the GDPR and also for
hefty, potentially catastrophic fines.
Business and technology leaders tasked with
successfully implementing their company’s GDPR
initiatives should recognise that achieving GDPR
compliance can be a complex project that demands
time, skills, and resources.
The GDPR in a Nutshell
• The GDPR consolidates and strengthens data
protection rights for individuals.
• Each EU state has supervisory authority.
• The GDPR builds on the EU’s Data Protection
Directive, adopted in 1995, with additional
requirements and penalties, including significantly
greater penalties for data breaches (see above).
• Each supervisory authority is obligated to investigate
complaints.
• Every organisation must understand the data it has,
whether that data is processed lawfully, and be able
to account for what it does and doesn’t do.
• Companies with multiple data systems present a
massive risk.
Legal grounds and privacy notices
The GDPR makes legal grounds such as consent more
onerous to satisfy. It also changes privacy notice
content requirements, meaning organisations will likely
need to amend their existing privacy terms or at least
review them to ensure alignment with the GDPR.
Accountability
The GDPR puts greater emphasis on showing