On the May 25, 2018, the General Data Protection Regulation (‘GDPR’) will replace the current Data Protection Directive, demanding a huge cultural and operational change to the way businesses operate. The GDPR is a new law to unify data protection across the European Union and will require any business that operates from within the EU – from small to large – to have data protection measures in place and disclose any breaches. The regulation mandates considerably tougher penalties than the existing rules and if breached, organisations can expect fines of up to four percent of annual global turnover or €20 million – whichever is greater. With the GDPR coming into effect in just over a year, businesses have little time to make the necessary changes, and need to start putting plans in place now if they’re to meet the deadline.
This provides both a challenge and an opportunity for the channel. The challenge is how does the channel partner as a business itself comply, and the opportunity is how, as a technology provider, does the partner help its customers do the same.
It’s often said that when it comes to process, culture and technology that technology is generally last in the line of priorities, however this is not the case for GDPR. Technology is holding the data, managing its processing and its movements. Partners, as technology-centric organisations, firstly need to consider the fact that privacy and protection are two different topics. Privacy is what your customers want you to do, protection is what the law demands that you do. For too long the game has been loaded in the direction of protection, aiding businesses but at the cost of data privacy – and the consumer. The GDPR re-balances that equation and loads the dice in the favour of the consumer.
With this in mind, customers will be expecting suppliers to implement the necessary changes to ensure their data is kept in line with the high information security standard required for GDPR. This is particularly crucial for partners that provide IT equipment such as printers, photocopiers and scanners that act as a conduit for information within organisations.
Becoming a trusted company with data will not just be the law but can become a competitive advantage if done correctly. It should be seen as an opportunity for partners to promote their companies as those that can keep up with the requirements and demands of today’s data-led world. However, it must be remembered that technology has the potential to expose company networks and linked data repositories to both internal and external threats.