Somebody, somewhere has their eyes on your data. But some of this data is not yours - it belongs to your customers. Rightly so, they expect you to protect it. You have a duty of care to safeguard and nurture their data. Fail in your duty to care for this data and it becomes vulnerable to hackers.
The Oxford Dictionary states ransom as “a sum of money demanded or paid for the release of a captive.” This captive could be your data. Whilst this is not a position you would wish to be in, you would be able to redeem your data through payment of a ransom. But, this is not the only thing that you need to consider. The damage may have already been done to your customer response times, computer networks and balance sheets. Could you redeem your reputation as a business as quickly as a Bitcoin transaction?
Wikipedia defines GDPR as “The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the 1995 Data Protection Directive (Directive 95/46/EC).”
GDPR becomes enforceable from 25th May 2018.
Many organisations traditionally have retained data for long periods in backup form as a cheap alternate to using content based archives. Under the new GDPR, fines may be levied if Personally Identifiable Information (PII) cannot be tracked and controlled effectively.
GDPR effects Data Protection in many ways:
Last weekend I had the privilege of attending the British Grand Prix at Silverstone, courtesy of Red Bull Racing. I got a chance to see up close how the Red Bull team go about their business. On race day they managed to split the two Mercedes drivers with Max Verstappen getting 2nd place ahead of the penalised Nico Rosberg.