For companies that operate in international jurisdictions, it is vital to stay up-to-date on legislative actions that affect data retention policies and compliance. This allows companies to make internal adjustments as necessary and to avoid costly sanctions and other harmful penalties for non-compliance. Here are just a few upcoming laws worth noting:
European Union – General Data Protection Regulation: In May of 2016, EU policy makers implemented a comprehensive legislative reform of personal data protection rules. Going into effect on May 25, 2018, it places a high standard of protection on personal data held by companies by regulating the collection, use, storage, and breach notification protocol of such data. The regulation also imposes sharply increased fines and sanctions for violations. Broad in scope, it will particularly affect industries such as the financial sector, which by nature collects and stores large amounts of personal data. Read more here.
Australia – Mandatory Data Breach Notification (MDBN): Introduced into the House of Representatives last month as the Privacy Amendment (Notifiable Data Breaches) Bill and anticipated to take effect in late 2017, the Australia Federal Parliament is expected to pass MDBN. This law will require companies that suffer a suspected data breach that is likely to cause serious harm to both investigate the breach and to notify both the impacted individuals and the Privacy Commissioner of the breach. Previously, companies were not required to notify anyone of a data breach or hack. If passed...
Author: Jared Walker, Senior Research Analyst at Zasio Enterprises, Inc.