Data breaches are occurring more often every day. Virtually every consumer in the United States has already had their information leaked to the dark web in one way or another. As Europe enacts its GDPR (General Data Protection Regulation), this type of regulation could easily come to the United States within the next few years. Here’s a quick breakdown of the rules our businesses may have to follow.
Data Breach Notification
Currently under the GDPR, businesses must notify customers within 72 hours of first having become aware of a data breach. Many companies here in the United States have taken much longer than that to inform their customers of an attack. Companies will most likely be scrambling to figure out what data was stolen, how it was stolen, and who stole the data. If this time-frame is not followed, companies can receive a hefty fine of 2-4% of their turnover or $23 Million USD, whichever is greater.
Right to be Forgotten, Right to Access
This section of the GDPR allows EU citizens to have companies erase any personal data held about them. Unless they are a person of public interest, any person can withdraw their consent to your company keeping data related to them. If these requests are not taken seriously, it can result in a fine for your company. Many US-based businesses may not currently have processes in place to purge data as requested.
Additionally, any person can request a copy of the data you have collected about them, free of charge. This type of data transparency in the US is mostly available for big enterprises such as Facebook, but for small businesses this type of system is unheard of.
Privacy by Design (Data Minimization)
Privacy by Design is data protection fully integrated into your data systems. Only data absolutely necessary for your work processes should be held by your company, and that information should be available only to those employees who specifically need to see it. This type of regulation is a good guide to follow in the event of a data breach, as it can limit the scope of what information hackers have access to.
Data Breaches can happen to businesses of any size
If your company is like many organizations, your IT infrastructure progressed over time, trying to keep up with the pace of your business. Without the right kind of IT planning and careful technology management all along, your technical environment probably has gaps.
Our IT assessments provide a clear picture of your current IT infrastructure and operations. Whether faced with budget shortfalls, limited resources, aging infrastructure or an outdated strategy, our detailed assessment reports provide relevant findings and recommendations to spur meaningful organizational change.
VISN-IT provides comprehensive assessments of both IT infrastructure and IT operations. Our IT infrastructure assessments evaluate all major infrastructure components, including servers, storage networks, security, desktop infrastructure, end-device hardware and applications. Our IT operations assessments evaluate critical operational areas, such as IT strategic planning, IT staffing, IT operational processes, IT governance, IT vendor management and IT support.
CALL 718-227-5500 NOW FOR A FREE NETWORK ASSESSMENT