Myth 1: We’re a US based company so the GDPR doesn’t apply to me.
Fact: GDPR will impact every business that touches the personal data ofEU citizens, including businesses that don’t collect the information themselves. So even if you are a non-EU company and you deal with EU citizens data you will also have to comply.
Myth 2: Since the UK is leaving the EU, we don’t need to worry about GDPR compliance.
Fact: This one should be common knowledge by now. The UK government have confirmed that they will continue to uphold the new legislation after Brexit.
Myth 3: Personal data that is already in our database isn’t subject to GDPR.
Fact: If data was collected before GDPR comes into force, it will still need to be GDPR compliant.
Myth 4: My data is stored with my cloud service provider so it’s their responsibility to remain complaint with GDPR, not mine.
Fact: Although your third parties are responsible for making sure they are GDPR compliant, it is also the responsibility of the business to ensure the personal data held about their customers is looked after and GDPR compliant.
Myth 5: Our company uses pseudonymisation and encryption to protect personal data, so that should be enough for GDPR purposes.
Fact: Pseudonymisation and encryption are advised, however, that is still not enough to comply with the upcoming regulation. Nevertheless, pseudonymisation does allow for some relaxation of the law. For example, if a data breach occurs, a report may not have to be submitted to the regulatory authority.
GDPR Summit London promises to give you the full facts on GDPR from experts.
For more information, visit, here.
GDPR Summit London is a dedicated event which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.
Further information and conference details are available at http://www.gdprsummit.london/