The internet and the growing technological evolution have brought great challenges regarding the right to personal data privacy and protection, changing the whole perception of these concepts. While on one hand, it has facilitated or even revolutionized, the way to communicate and manage daily tasks, on the other hand, it makes users much more susceptible to sharing personal data online. Since the implementation of the new General Data Protection Regulation – GDPR, in May 2018, companies have felt an impact on their business strategies and adopted new ways to collect, store and protect consumer data.
At that time, when the GDPR came into the fray, both companies operating in the European Union and most people expected quick and even immediate changes. However, according to Trustarc, only 20% of companies completed GDPR implementations. As a result, the impact of this new regulation is still not entirely clear.
Although there are still no solid conclusions about the effects of the regulation, some companies have already begun to feel implications for their business. In October 2018, according to the General Data Protection Regulation, fines of 400,000 euros were imposed on the Barreiro-Montijo Hospital, in Portugal, “for allowing the indiscriminate access of patient health data to people who should not have this possibility”. This decision is a warning for companies and public entities that are not fully compliant with this legal framework. The consequences of non-compliance with legislation are not just fines. According to the latest data released by the Statista, the number of Facebook users is growing at a slower pace than expected, which is impacting its results. Nevertheless, one of the most affected regions by the deceleration in the number of users is Europe, which is responsible for a large part of the revenue of this social network (24%). This shows that users prefer to abdicate the use of this platform when giving their consent to the use and processing of personal data.
Implementing a process that can meet the legal requirements of the GDPR leads to a substantial change that can cause more complications depending on the size of the organisation or industry in which it operates. Businesses related to online advertising have also begun to feel these effects since it is an area heavily dependent on user data. Similarly, small businesses are struggling to maintain their activity, as larger companies have more resources and a stronger structure to respond to new legislation.
Do you already know all about GDPR?
The General Data Protection Regulation, approved by the European Union, entered into force on 25 May 2018. This regulation introduced a new regime related to personal data protection, with the aim of protecting citizens from their personal data processing on a large scale.
To comply with your legal requirements, there is no specific formula or rule. However, it is necessary to implement practices that demonstrate concern and action, since:
- Any citizen has the right to his personal data protection and to access and correct them whenever he wishes;
- Personal information must be processed only for specific purposes and after the owner consent;
- Compliance with these rules should be subject to control in order to ensure that service providers, software and systems ensure the personal data protection.
If you have not yet adapted your practices to this legislation, MindSEO recommends that you devote some time to this subject and prepare your company for the new requirements.
Contact us to ask questions, in order to understand what needs to be changed to comply with the legal requirements of the General Data Protection Regulation.