How can Policy Management Software help you deal with proposed changes to EU Data protection law?
The proposed changes to EU Data Protection laws, has caused much media attention since the live EU debate on Wednesday. At Metacompliance, we agree with the Justice Commissioner, Viviane Reding’s argument that changes will “help build trust in online services because people will be better informed about their rights and more in control of their information.” One thing is certain, you cannot afford to ignore the debated changes if you hold electronic customer records. Companies who are found in breach of the proposed new regulation face a fine of up to 2% on annual turnover.
So, what key changes to the 1995 Data protection laws are the Commission proposing?
This is just the natural evolution of the rules associated with data usage and its safe guarding.
What has user awareness and policy management got to do with this?
It’s the people issue!
There are still too many organisations treating data protection as “someone else’s problem”. Data Governance should have the same standing in the organisation as Financial Governance. However, it took at least a few decades for Financial Governance to reach the priority within an organisation that it now enjoys. It will be the same with Data Protection and Governance.
Ultimately your organisational Data Protection culture needs to match existing and proposed responsibilities. These proposed changes to EU Data Protection Law provide the incentive to ensure the organisational journey and culture change commences and stays on course.
The culture of best practice Data Protection begins with user awareness. Should there be a Compliance incident, then your IT Security policies become the baseline for any discussions. A combination of User Awareness and IT Security policy management needs to be at the center of an organisation’s response to this increased regulatory environment. Obviously, at Metacompliance we would recommend the use of Policy Management Software to automate these repetitive Compliance processes. Do you agree?