What is the General Data Protection Regulation (GDPR)?
Increasingly, businesses are under pressure from the government over the rise in data privacy issues. Something that you may have seen a lot of recently is emails from companies asking you to confirm that you are happy for them to keep contacting you – this is because of new legislation being put in place which limits the data that companies can store and how long they can store it for.
If companies do not comply with the new regulations, they could face fines of up to 10 million euros.
According to the legislation, when requested, a company must have the ability to find and delete all the information that it has about a person. Lou Ruppert, VP of Security Operations at Silent Circle, says, “It’s a way of taking privacy issues to a more holistic level. It’s built into business processes from the beginning. This allows companies to show respect for their customers’ security concerns.” If companies didn’t comply with these rules, they could become liable in the future if anything were to happen to that data.
The EU ruled on GDPR back in April 2016, but as this was a big undertaking for some companies, the deadline was set for 25th May 2018 to give them enough time to make the right adaptations to their systems – which is why, recently, companies have been sending out emails to their customers as the deadline draws nearer.
Why are these changes being made?
More now than ever, stories about data breaches from within companies hit the news, especially at those that are web or technology based. Most recently, Facebook was under fire in an interview between Mark Zuckerberg (the founder and CEO of Facebook) and the European Parliament about the company’s ability to keep its own users’ privacy and security intact. As Facebook’s main objective is to connect people based on their personal information, it stores a lot of information about individuals – it has been under scrutiny before over its data storage and its use of customers’ information for things like its targeted advertising.
Beyond the new regulations themselves, the issue of data storage and how it is handled has gained public interest, and people are demanding that companies have more respect for data and treat it more seriously as an issue. The ramifications of something going wrong with someone’s data would be extremely severe, not just for the company but for the individuals involved. “Enterprises often don’t weigh their decisions carefully with respect to data. People’s lives can be at stake just as much as the company’s bottom line – we work in some highly sensitive industries.” - Lou Ruppert.
What does this mean for businesses?
Some companies already have security and data protection at or above the required levels in place in their systems, but those that don’t will need to completely change. Because of the strict rules of the regulation, all traces of anyone’s data need to be found and deleted immediately. This means that businesses that store their customers’ data will need to have clear data storage systems and the assurance that once data is deleted, it cannot be retrieved. Organisations seeking to comply with the regulation will need external support networks who are also compliant to avoid penalties. It has become a business’s responsibility to regulate its own systems and processes, and even those of the companies that it associates or partners with.
The Silent Phone has been designed with security at the forefront, right from the concept stages of the device. You can be assured that it meets, if not exceeds, the levels of security that the GDPR demands, and that it also puts the phone user in a more secure position. The application’s scheduled burn functionality ensures that messages and call records are automatically deleted on both ends. And there’s no email server or voicemail server to be hacked.