GDPR and Business Continuity―why you must care

The recent fining of Google by France for violations of the General Data Protection Regulation (GDPR) has prompted increased interest in this globally sweeping regulation. Companies anywhere in the world that deal with EU citizens are subject to GDPR.

Google was fined $57 million, proving that GDPR’s reach is long, its bite is deep, and it is not to be taken lightly.

What GDPR means to the United States

For the last few years, reports of data breach after data breach have brought the issue of privacy to the forefront. Europe fired the first salvo when it instituted GDPR in May 2018, protecting the data privacy of its citizens and holding companies worldwide accountable for protecting their data.

In 2018, Apple’s CEO Tim Cook advocated for stricter privacy laws in the U.S., and a survey at A.T. Kearney of 400 executives predicted that GDPR-like regulations will spread to other countries.

In fact, New Jersey is currently considering GDPR-like regulations―other states are sure to follow.

GDPR and Business Continuity

GDPR has 99 articles that everyone should be aware of―particularly Article 32(1)(c), titled “Security of processing”. This article covers regulators’ expectations relating to data security.

It states, in part, that Controllers and Processors should have: “the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.”

The good news is that, should a company get hacked or infiltrated by malware, a managed Hybrid-cloud Business Continuity solution can reduce the resulting downtime from the weeks and days seen with other types of backup systems to just minutes and hours.

A comprehensive backup strategy and business continuity solution will bring companies into compliance with GDPR (and GDPR-like) data restoration requirements.

U.S. Businesses need to get ahead of the coming regulations now

When GDPR was passed, European companies were given a few years to get into compliance before final enactment in May 2018. What businesses found was that they needed every bit of that time, as GDPR is extremely pervasive. Compliance is not a “one shot and you’re done” deal.

At this time, there’s no telling what the U.S. GDPR-like regulations will look like. Start following your state’s legislative agenda on the subject, begin assessing your data risks, map your company’s data flow and create project plans to comply with new regulations that are sure to come soon.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions, whose systems protect 460+ Petabytes of data, with 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss, whatever the cause.