INFOR just released a 3-part blog series on the “game-changing: effects of General Data Protection Regulation (GDPR).
Here’s a brief snapshot on some of the warnings INFOR is issuing:
“No matter your industry or location, you need to be ready.”
“Although the GDPR was passed by the EU Parliament, the new privacy law is expected to have a major impact on businesses worldwide.”
“Consumers will be empowered. They will have a more unified voice to demand high security and accountability from businesses of all types…”
“If you have not been following the GDPR discussions, it is time to get up to speed and examine your own data and security policies. Investing in modern software, including the most recent version of your ERP, will be an important consideration as you map your data strategy.”
So is INFOR overreacting? We don’t think so. Data security is garnering significantly more attention, as of late. Consider Facebook CEO, Mark Zuckerberg and his testimony before Congress, where he even commended the importance of GDPR. For another we see may companies instituting new executive-level positions with the designation, Data Protection Officer (DPO).
Christina Cabella, newly appointed DPO at IBM told the Wall Street Journal that, “Companies need to make that shift, from perceiving [GDPR] as something that needs to be done to…it’s the right [thing] to do.
First, what is GDPR?
The General Data Protection Regulation (“GDPR”) is a is a regulation in European Union law that requires businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states.
GDPR’s provisions also require that any personal data that is transferred outside the EU is protected and regulated. So any data belonging to a European citizen must be in compliance with GDPR. For example, a metal fabricating shop located in the U.S. is selling materials to customers in England. The U.S. business is still required to comply with GDPR because of the European data that is involved.
INFOR advises business to prepare to invest in technology.
“To comply—or turn data security into a differentiator—be prepared to make IT investments. You will likely need to upgrade or modernize your processes to prevent security breaches, track opt-ins, notify those affected if you have a breach, and properly collect and use personal data of customers and prospects… Outdated technology or manual processes will likely fall short of demands. Attempting to cobble together solutions from legacy systems may prove to be a slow, laborious process and ineffective.”
The fines imposed are steep and the option of doing nothing is highly risky. INFOR informs that software providers have been committing considerable resources to make sure their products are GDPR compliant. Upgrades are being developed that will make data security a daily routine, simpler to execute, and more reassuring to the public.
To learn more about GDPR compliance and keeping your technology up-to-date, check out INFOR’s blog series, “GDPR: Game-changing mandate and why you need to prepare.”