Data Security EU Directive – What you need to know about the upcoming General Data Protection Regulation


One in four European companies reported at least one case of information theft in 2013, up from 18% in 2012*. With the huge volumes of digital data now transmitted or stored electronically across the globe, we have seen a proliferation of cybercrime and industrial espionage.
Although EU laws today are meant to protect businesses, they are only effective to a certain degree. This is because there has never been a “one size fits all” approach to privacy compliance. The differences between each country’s set of regulations make it hard to answer questions such as the level and extent of protection and what needs to be done when data is stolen, especially if your activity spans several countries.


The current EU Data Protection Directive 95/46/EC does not sufficiently consider aspects like globalisation and technological developments. Typically, social networks and cloud computing, which are prominent means to spread, store or share information today, were in their infancy (or non-existent) when the first Directive was adopted. Additional and consistent data protection and privacy measures are now required, and a proposal for a regulation was released on 25 January 2012. The European Council aims for adoption in late 2014, and the regulation would take effect after a transition period of 2 years.


Simplifying data protection regulation 

Firstly, European Union legislators are seeking to simplify the European General Data Protection Directive (ref. 95/46/EC) to provide businesses with a unified EU law and data protection authority to operate within. This will make it easier for national courts to deal with the misappropriation of confidential business information.

This will consist mainly of:
  • Defining what constitutes a commercial secret and a misappropriation of confidential data
  • Enabling business victims to assert their rights in court, without taking the risk that the confidential data involved will be exposed publicly
  • Making it easier for businesses to receive damages through a shorter justice process and a defined set of laws
  • Extending the scope of the law to foreign companies processing EU residents’ data.

That is a welcome simplification of compliance with data protection regulations for both EU and non-EU firms.


The cost is a strict data protection compliance regime 


One point that the Directive stipulates is that it will only protect a company if “reasonable steps have been taken to keep the information secret”. This means that businesses that work with sensitive data (law firms, accounting practices, high tech and health sectors…) should review how they protect their information and adopt processes to keep information secure throughout its lifecycle – from the processing and sharing to the storing and deletion of this information.

Firms should also look to implement compliance procedures and policies under which these are regularly reviewed. For those organisations that do not comply, heavy financial penalties are being proposed. Figures being discussed may be between 2% and 5% of annual worldwide turnover in some cases; however, this is yet to be defined.


As information theft becomes more prominent and cyber criminals more savvy, this EU Directive is a step in the right direction. The tougher, more harmonised regulations, combined with an increased onus on organisations to protect their own data, will play a significant role in tightening the grip on information theft while boosting confidence for those working with sensitive data across the EU.


Gilles Hameury
Nikec Solutions [ www.nikecsolutions.com ]

Sources & references: 
  - Proposal for the EU General Data Protection Regulation. European Commission. 25 January 2012
  - White & Black corporate technology lawyers
  - New draft European data protection regime - M Law Group
  - Wikipedia

