There is a fundamental transformation underway. In the digital economy information is the currency of exchange. And, information knows no boundaries. Harmonization of regulations that fosters the free flow of information while strengthening privacy and security rights is an imperative for policy makers.
Take the EU and US trading block as an example. The total value of goods and services between the two largest trading blocks is estimated at $5.5 trillion employing 15 million. Cross border flows between the EU and the US are estimated to be 50% higher than any other trading block. 65% of US investment in information technology is in the EU.
Identity theft and impact of security and privacy breaches are impacting customer experience and customer loyalty negatively at increasing levels. They are also driving regulators to bolster data security and privacy legislation to impose stricter obligations on businesses and data controllers. Enter the new European Data Protection Regulation (EU GDPR).
As a response to advances in digital technologies such as big data, cloud computing and predictive analytics, coupled with revelations of bulk data collection and profiling by intelligence services the General Data Protection Regulation (GDPR) is a comprehensive overhaul of privacy legislation which considerably strengthens and expands privacy rights.
It spans more rigorous consent requirements data anonymization, the right to be forgotten and breach notification, which could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year — whichever is the greater — being levied by data watchdogs. For other breaches, the authorities could impose fines on companies of up to €10m or 2% of global annual turnover — whichever is greater. For the average Fortune 500 company, that puts fines in the range of $800-900M.
In this new AIIM e-book (sponsored by Everteam) – Information Privacy and Security: GDPR is Just the Tip of the Iceberg, the focus is on five key questions that should be on every C-level executive’s list of priorities:
- How has the environment for information privacy and security changed?
- What is GDPR, why should you care, and what does it mean for your organization?
- What does “Privacy by Design” Mean?
- How will the Internet of Things make the privacy equation even more complicated?
- What should your organization do about all of this, and what role will machine learning play in solving the problem?