Go with GDPR flow! How it affects you and what to do?
The European Union’s new GDPR privacy rules came into effect over the weekend, but it seems that some organizations didn’t meet the deadline to comply with the changes. A handful of websites, including those of major news providers, went down in the EU, and they posted notes to readers about the new regulations.
What is GDPR?
GDPR (General Data Protection Regulation) are the new rules of personal data processing established on 27 April 2016, that replace the directive on personal data protection of 1995. The action of new regulations applies to all EU countries, and also to foreign companies that do business with EU.
GDPR consists of 99 articles and regulates the relationship between data providers and those who collect, process and operate data. This normative act allows EU residents to protect the usage of personal information which they provided by themselves (name, phone number, email address, payment data), which is collected automatically (location, IP address and other), and by which can determine the preferences and interests of users.
There are seven main principles of personal data protection as described in GDPR:
- Legality, fairness, and transparency. Data should be obtained only with the consent of the user.
- Goal limitation. Data must be collected and used only for the purposes specified at the time of collection.
- Data minimization. Data can’t be collected in a larger volume.
- Accuracy. Inaccurate personal data should be removed or corrected by user request.
- Storage restriction. Data must be stored no longer than processing purpose require.
- Integrity and confidentiality. Data should be protected from unauthorized access, processing, and destruction.
- Accountability. Every company should be prepared to demonstrate compliance with the outlined measures.
Who’s in GDPR?
New rules also produced new terms – data controller and data processor. Controllers are companies that collect personal information and are responsible for it; processors are companies that process this information. In the case of a security breach, all leaks must be disclosed within 72 hours from the time of their discovery; otherwise, the company must pay a fine to 20 million euros or 4% of the year’s profits.
The primary goal of implementing GDPR is to increase responsibility among information processors and promote legal and safe methods of personal information processing. After the entry into force of new rules, companies must explain their mechanisms and purposes of information processing, and European users, in their turn, can request the confirmation of processing their information, clarify the source of data receipt and even require to delete their personal data.
What to Do?
According to statistics, provided by Veritas company, only 40% of companies fear inconsistency with the requirements of personal data processing and 31% are concerned about damage to reputation due to non-compliance with GDPR. All in all, GDPR is a huge step in the existing system, and its action will significantly increase the level of personal data protection, allow struggle against manipulation and misuse of personal information in the EU and beyond.
Regardless of your location, if you work with EU clients, you should take GDPR seriously. There are various depths of changes companies should apply, and it’s better to be done with specialists in the field.
But we did some research and compiled a minimal checklist to be in compliance with GDPR rules for suitable for most of the companies:
Contact us for GDPR compliance testing!
As you can see, GDPR compliance is a complicated consistent process that every company should pass. QAwerk knows the recipe and can help you check whether your company website, app or other online presence complies with GDPR rules.
About QAwerk
QAwerk delivers expeditious, cost-efficient and impactful software testing for more than 3 years worldwide. Effective QA outsourcing performed by our dedicated and experienced team won’t leave a slightest chance for bugs to survive. Conducting and maintaining best software testing practices we ensure bringing your product up to a new level. So if any of your digital solutions requires bug cleanout and fixing – rely it on us!