If you do business with the data of entities and persons from the European Union, or if you send data to an EU territory, you should learn more about this new regulation.
Today data lives across borders and timezones. This means data regulations are reaching as far as well. For example, recording a service call from an EU caller to a local contact centre ensures better quality control and reporting, thus improving service.
But it could also constitute a breach of EU General Data Protection Regulation (GDPR), even if you are not an EU company. Fines are heavy and at the very least not being compliant disqualifies a company from doing business with any EU entity.
Does GDPR concern your local business? It just might, both for legal and customer trust reasons. Privacy is a growing concern: according to the EU, only 15 percent of people feel they have control over information they provide online. If that is the case, getting the right business service provider will spare you and your customers a lot of cost and anxiety.
What is GDPR?
GDPR was enacted by the European Parliament in 2016 and its grace period ends this year. It’s not dissimilar to the local POPI (Protection of Private Information) act and there are overlaps between them.
But to keep it brief, GDPR is an update and unification of EU law around data, stipulating how information from EU entities must be stored and used, even if the data resides outside of that territory. There are also implications of data is sent to a data controller inside the EU, a role related to the storage and management of data.
GDPR has several requirements, including getting consent for data, protecting data, notifying of breaches, right to be forgotten, and data transfers to outside of the EU. The application of these and others vary, based on the type of sector and size of a company. Fines for GDPR can be heavy – up to four percent of global annual turnover or €20 million – whichever is higher.
Is this a problem for your business? If any of the above conditions seem to ring true, if your business provides international services or uses international services, it should be looked at.
How services are impacted
If you look at two major areas inside many modern organisations, they are quite likely impacted by GDPR: communication services and enterprise content management.
Communication services such as call centres reach across borders. If a company is engaged in recording any details from people of EU countries, GDPR will have an impact. This also applies if an EU company contracts communications services from a company.
Fortunately telephony systems are tremendously modern, deployed as a commodity and homed in secure cloud environments. What makes these choices so appealing is the easy control over cost and the depth provided by reporting tools. Instead of dealing with the complexities that deliver compliance, by using a service you get the outcomes and not the legislative headaches. Partnering with leading brands such as Mitel, Itec can provide such a turnkey GDPR-compliant environment.
The same methodology applies to enterprise content management. Using platforms such as M-Files, a company can be assured its internal content – including details from EU customers and partners – is safe, secure and in step with GDPR.
This is the power of services: safety, assurance, convenience and clarity, with just one price and no asset sweating. Even if you don’t need GDPR compliance, managed business services can help claw back resources to reinvest.
But best make sure if you do: GDPR’s grace period ends on 25 May this year. Don’t delay! Contact Itec today and learn if you have to add this regulation to your business’ compliance.