GDPR has thrown many organizations into the process of redefining and solidifying their data governing and protection strategies. At the same time, individuals are more empowered when it comes to their data and how it is used.
What is GDPR?
The General Data Protection Regulation (GDPR) put forth by the European Union is a set of rules about how organizations should process data of residents in any European Union Countries. This includes the privacy and protection of personal data and more transparent control to the person that data came from. Any organizations outside of the European Union that collect or use data from any EU citizens are also required to comply. The flurry of updated terms of services from Facebook, Twitter, and most other websites and web applications with a global presence over the last six months was due to this new regulation. GDPR assigns power to regulators to ask for proof of compliance and impose fines on organizations that do not comply.
How close am I to being compliant?
Try this GDPR assessment tool to gauge how close you are to 100% compliance. You do not need to sign up or give any information to see the results and it is absolutely free.
On May 7th, the US Department of Health and Human Services (HHS) announced that two medical facilities working jointly agreed to pay a $4.8 million settlement, the largest ever paid, stemming from a security breach three years ago.