Is your online office suite state of the art?
What is the General Data Protection Regulation, or GDPR for short?
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.
Well that sounds scary, but what does GDPR really mean for businesses and how they collect and store data? In this quick guide, we will explain what you need to know about GDPR with a focus on how it relates to services such as Office365, Google Docs and Collabora Online.
Under GDPR, if a data ‘controller’ (an organisation that collects any personal data) wants to share personal data with a third-party ‘processor’ (an organization that processes this data, for example Microsoft or Google), they must ensure that the third-party processor provides sufficient guarantees that they will implement appropriate technical and organizational measures to protect the personal data. Even without sharing with third parties, the controller must also show that when “taking into account state of the art” technology, they are incorporating data protection “by design and by default”.
And if all this seems very abstract, it might be worth considering according to German legal firm CMS, there have been over 1,600 fines issued in the last five years, with the average fine a little over €2,400,000. These range from headline grabbing figures for Meta and Amazon, to hundreds and thousands of euros for small and medium businesses, hospitals, government administrations and other companies dotted around the world with European users. After removing the 45 individual fines over 1 million euros for this period, we calculate the average fine comes out at more than €300,000. Got your attention yet?
So what is “state of the art”, and “data protection by design and by default”. At Collabora, we believe the highest level of protection means having the strongest access control requirements, and for this, no-one else does or can do better.
Download the white paper to read more: