
Data Breach, the GDPR and You

April 4th, 2018 by Ima Admin


These are two words we’re hearing more and more that are as scary as hearing “GUN!” or “FIRE!”

Perhaps not as immediate a threat as the latter two, but something that could affect our lives long, long after the actual breach.

No April Fool’s joke, on April 1st, news releases announced that hackers allegedly staged an attack on Saks 5th Ave. and Lord & Taylor to steal information from more than 5 million debit & credit cards.

The following day, potentially worse AND closer to home, according to researchers, Panera Bread’s website was found to be leaking data, potentially exposing millions of customer records – something Panera allegedly knew about in August 2017.

What makes Panera’s issue even worse is that its website was allowing ANYONE, not just dedicated hackers, to access personally identifiable information simply by knowing a customer’s phone number.

So what is happening to help deal with this?

Well, on 25th May 2018, the GDPR (General Data Protection Regulation) enacted by the EU will come into effect.

The aim of the GDPR (stronger than current EU cookie laws) is to give citizens of the EU control over their personal data, and change the approach of organizations across the world towards data privacy.

For instance, users must confirm that their data can be collected, there must be a clear privacy policy showing what data is going to be stored and how it is going to be used, and the user must be given a right to withdraw consent to the use of personal data (consequently deleting the data), if required.

The GDPR law applies to data collected about EU citizens from anywhere in the world. As a consequence, a website with any EU visitors or customers must comply with the GDPR, which means that virtually all websites and businesses must comply.

You have until May 2018 to comply with the GDPR regulations. The penalty for non-compliance can be up to 4% of annual global revenue, up to a maximum of €20 million.

Failure to safeguard users’ personal information is what is behind the recent potential Facebook fines of $40,000 per day.

Is your website GDPR compliant? Are your data protection policies GDPR compliant?

Who do you know that has GDPR questions or concerns? That would be a good referral for us at the Imagination Factory.
