Data Protection Regulations
The latest regulations with GDPR and CCPA have brought the need for more in-depth data protection. We have always been passionate about security and will continue to stay up-to-date on laws and industry best practices, not only for the sake of compliance, but also to make sure you have the information you need for your business continuity and risk management programs.
Date effective: May 25, 2018
GDPR consolidated all privacy laws in the European Union into one, consolidated regulation, with the goal of protecting the privacy of citizens. It expanded the already established privacy rights granted to individuals in every EU country and placed many new obligations on organizations that market to, track, or handle personal data of individuals residing in the EU, no matter where the organization is located. The last bit is key — even if you are a U.S. based company and are storing or have access to the personal data of individuals who live in the EU, GDPR holds your business responsible.
The regulation requires that companies have a more comprehensive understanding of where and how their customers’ data is stored, what data it contains, and how it’s being used. Most importantly, organizations need to verify that this data is secure.
Date effective: January 1, 2020
CCPA was passed in California in June of 2018. Similar to GDPR, it aims to protect the privacy of citizens. It doesn’t have borders, affecting almost all businesses in the United States. Any company with a California resident’s data must comply or face the possibility of being sued. This act is the first wave of legislation in the U.S., and we anticipate a federal regulation in the coming years.
It has many of the same principles as the GDPR, including the right for consumers to know what data companies have on them, how that data is being used, the right to delete that data, and the obligation of the business to appropriately safeguard that information from a breach.
GDPR and CCPA require many companies throughout the world to make many changes to ensure compliance through data organization and security. These regulations require ongoing obligations that are too difficult to handle in static documents without standardized systems and processes.
Organizations can ensure compliance to these established regulations and upcoming laws with a risk management system that is scalable, manageable, and secure. Fusion provides a comprehensive system, the Fusion Framework System, that contains all of your organization’s data, including privacy and management protocols to guarantee requirements are monitored properly on an ongoing basis. With Fusion, you’re able to access the information you need securely from virtually anywhere.