The new proposed EU Data laws could mean companies face fines worth up to 2% of their annual turnover.
These regulations are a re-vamp of those outlined in 1995 and will have far reaching effects on the way in which public sector bodies process personal information.
New rules include “right to be forgotten” and a strong obligation for organisations to report data loss “as soon as possible.”
The commissioner argued that through simplifying the current set of rules in place businesses could expect to save $2bn a year.
Viviance Reding, The Justice Commissioner had this to say:
“My proposals will help build trust in online services because people will be better informed about their rights and more in control of their information.”
The new laws are predicted to be “hugely beneficial to SMEs,” as stated by Le Bail, Director General of the Commission’s Justice. This is down to them removing much of the red tape which accompanies the old data regime.
One thing which is hugely emphasised by new EU regulation is ‘Protection by Design.’ Modern privacy strategy has to be strategic, combining people, regulation and understanding.
When considering whether to upgrade certain services there are many safe harbour considerations to take into account such as not moving data out of the EU.
“Modern CIOs have to create ‘security by design’ if they want to do their job properly. We don’t have to convince people, either; security is absolutely core working culture,” stated Kurt Frary ICT manager at Norfolk county council.