With millions of consumers affected by recent data breaches from corporate giants such as Yahoo, LinkedIn and MySpace, it seems that trust surrounding data protection is rapidly diminishing, causing consumers to question who knows what about them.

Thankfully, new GDPR legislation is overhauling how businesses process and handle data, giving consumers more reassurance over the protection of their personal information.


What exactly is the GDPR legislation?

GDPR, or the General Data Protection Regulation, refers to the new set of laws established by the European Union (EU) to help better protect the data of citizens and residents of EU countries. Following the recent announcement that the Yahoo! cyber attack resulted in three billion accounts hacked and data compromised, the GDPR rules aim to shift the balance of power in consumers’ favour rather than corporations’.

The act promises to narrow the gap between the data collected about customers and what those customers know, understand and consent to. This will be done by requiring companies to state clearly how they collect and handle personal data such as name, home address and location. Furthermore, customers will now gain the right to access such data and the option to request permission to have all data relating to them erased.

But I’m an Australian company, how does this impact me?

Although the GDPR is predominantly focused on protecting the data of those in the EU, companies outside this boundary are still affected if they meet any of the following criteria:

  • Goods or services are offered to people within the EU – whether payment is required or not.
  • They have an establishment in the EU.
  • The behaviour of individuals in the EU is monitored through data collection. This includes internet tracking and profiling.

With a recent Dell report revealing that 80 per cent of global participants say they know few details or nothing about the GDPR changes, many businesses are running the risk of major fines and problems. Failing to comply can result in a fine of four per cent of annual global turnover or €20 million (AU$31 million) – whichever is higher. This is the maximum penalty for the most significant breach, such as not having enough customer consent to handle and process data.

If you’re answering yes to any of the above criteria, you must now take relevant steps to ensure you are following GDPR protocol so you can correctly handle your customers’ data.

Just because you’re not in the EU doesn’t mean you won’t be affected by the GDPR changes.

What do I need to do in order to comply?

As the GDPR was enforced on May 28, and businesses have had two years to get ready for the changes, Australian businesses that have not already taken measures to comply must make quick changes to avoid running into problems. However, companies that have shown awareness of the need to comply are likely to be treated better than those that have shown no gumption.

Here are some steps to get the GDPR compliance ball rolling:

  • Ensure all key decision makers are aware of the GDPR changes.
  • Assess the personal data you hold. Where did it come from? Who has access to it? Are your privacy policies and notices compliant with the transparency requirements under GDPR protocol?
  • Review how you record and manage consent and refresh policies if they do not already meet GDPR requirements.
  • Have the right procedures in place to deal with personal data breaches quickly and effectively. Under the new GDPR laws, the national authority must be notified of a data breach within 72 hours. Data processors are also required to notify customers after first becoming aware of a breach.

Of course, there are more steps that must be taken, so be sure to read through the full legislation report.

If you’re planning to take your product overseas, especially anywhere in the EU, it’s important you’re compliant with changes like these. When working with Techwitty in the development process, we can work with you to ensure you’re aware of relevant legislation changes.
