{"id":4375,"date":"2021-05-25T12:46:46","date_gmt":"2021-05-25T16:46:46","guid":{"rendered":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?p=4375"},"modified":"2021-05-25T12:47:05","modified_gmt":"2021-05-25T16:47:05","slug":"gdpr-three-years-later-the-y2k-of-the-2020s","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/","title":{"rendered":"GDPR Three Years Later: The Y2K of the 2020s?"},"content":{"rendered":"

\"GDPR

The editors at Solutions Review, as well as industry experts, reflect on the impact and effects of GDPR three years after it passed.<\/strong><\/em><\/p>\n

Today is the three-year anniversary of GDPR passing. Before the regulation was implemented on May 25th, 2018, IT professionals were clambering to ensure their organizations were compliant with the new regulations in order to avoid the steep fines they could potentially incur if they weren’t careful. The panic induced in the period between GDPR being announced and going into effect was reminiscent of the anxiety surrounding Y2K, but was it more justifiable? Experts in the data privacy and protection industries provided Solutions Review with their commentary on where we stand, as well as how to continue complying with GDPR in a post-pandemic world. To provide more context, let\u2019s look at what some of the regulations of GDPR are, before getting into the commentary from the experts.<\/span><\/p>\n

Many organizations choose to outsource their backup solutions. While this is possible, it’s only a small step in achieving full GDPR compliance. Because this outsourced solution provider will be managing your data, they fall under the term, “data processor”, which in turn means they will be responsible to comply with GDPR as well.\u00a0<\/span><\/p>\n

Additionally, It’s absolutely critical that your backup provider tests the effectiveness of their solution on a regular basis. Before signing an agreement with a backup solution, you should consider making sure that the provider holds some Cyber Essentials Security accreditation. If backups are not already automated, it may be a good idea to increase the frequency to keep in line with your live data. Because GDPR requires that organizations have access to the most current data, frequent and regular backups are incredibly important.<\/span><\/p>\n

<\/div><\/p>\n

You May Also Like<\/strong><\/h3>\n

\"10<\/a><\/div>

10 Informative GDPR Articles Compliance-Seekers Must Read<\/a><\/h3>

\r\nEurope's upcoming General Data Protection Regulation (GDPR)\u00a0will have a widespread impact on companies that operate in virtually every …<\/p>BUDR News<\/a><\/span><\/span><\/div><\/div>
<\/div>
<\/div>

<\/div>\n

\t\t\t

<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n

Jennifer Glasgow, EVP, Policy & Compliance,<\/b> First Orion<\/b><\/a><\/h4>\n

“We are approaching the third anniversary of the enactment of GDPR (General Data Protection Regulation). While originally intended to protect the information of EU residents, we\u2019ve seen GDPR become the model for privacy and data protection legislation on a global scale. We are global citizens, and so too is our information. No matter where an organization is based, we must ensure that all cross-border data transfers don\u2019t weaken the protection of personal data. Once GDPR was rolled out in Europe, we saw elements of GDPR come into play in the U.S., with CCPA (California Consumer Privacy Act) and in other countries around the world. We are also beginning to understand the law\u2019s weaknesses. <\/span><\/p>\n

Global dialogues suggest that a stronger accountability-based approach allows more innovation with data, something businesses and governments alike want. As many U.S. states pass privacy laws and pressure rises for a single federal standard, 2021 will be a pivotal year in the U.S., the EU, and around the world in the evolution of privacy and data protection laws. It remains to be seen if we can break some glass and take the big leap to a different construct that protects individuals while encouraging innovation with data.\u201d\u00a0<\/span><\/p>\n

<\/div>\n

Stephen Cavey, Co-founder and Chief Evangelist,<\/b> Ground Labs<\/b><\/a><\/h4>\n

\u201c<\/span>Since GDPR\u2019s inception in 2018, the regulation has had a global impact on data compliance, sparking similar efforts from other countries to create their own legislation to better protect their citizens. These regulations have effectively increased transparency, given consumers the ability to opt-out of data sharing practices, and held businesses accountable for the personal data they hold. In addition to other compliance regulations like CCPA, we anticipate seeing even more global data protection laws from all regions in the near future, including those from China and South Africa.<\/span><\/p>\n

However, challenges arise as more and more data is generated and more people are conducting their day-to-day activities from the comfort of their homes and personal devices. This makes GDPR arguably more relevant now than it has ever been. As these regulations grow in scale and complexity and fines for violations and non-compliance continue to see double-digit growth, organizations are exploring ways to meet these requirements without hindering business success. Forward-thinking organizations are deploying solutions and processes that will allow them to address security using a common, data-driven approach despite any variances in regulation that each of these emerging laws brings. I also believe we may see businesses adopting protections as a unique selling point in years to come. Take, for example, Apple\u2019s recent iOS 14.5 update, which gave users ultimate control over data collection on their iPhones and translated into a \u2018Privacy. That\u2019s iPhone.\u2019<\/span> marketing campaign<\/span><\/a>.\u201d<\/span><\/p>\n

<\/div>\n

Declan Dickens, Senior Manager, Northern Europe,<\/b> Checkmarx<\/b><\/a><\/h4>\n

\u201cThree years ago, the General Data Protection Regulation (GDPR) came into effect, heralding a new wave of privacy and security reform throughout Europe. While debates carry on about the true effectiveness of GDPR, one thing that\u2019s been clear is that it has forced organizations, consumers, and legislatures alike to take notice of privacy \u2013 which is a positive in itself.<\/span><\/p>\n

With that said, there is still a lot of work to be done when it comes to widespread action and accountability surrounding data privacy. A new report noted that over 661 fines have been issued since GDPR became enforceable, totaling \u20ac292 million \u2013 a concerning number. It\u2019s important that both lawmakers and organizations don\u2019t become complacent in this critical effort. Issues surrounding fragmentation and gray areas still exist with the GDPR, which continue to create a variety of problems. GDPR, and data privacy protections more broadly, should be a living, breathing initiative, being consistently updated to reflect changes in end user needs, evolutions in regulatory requirements, and more.<\/span><\/p>\n

Organizations that develop applications, in particular, must ensure they\u2019re aligning with the GDPR requirements. The articles relating to this (25, 32, 33, 34, and 35) reaffirm the steps needed when securing data flowing through applications, in addition to what needs to be done in the event of a data breach. For those looking to remain compliant, we suggest they first follow the \u2018privacy\/security by design\u2019 rule \u2013 ensuring data security and privacy are considered during the planning stage of any product or solution, as opposed to during development \u2013 to safeguard data from attackers by default. For existing operations, organizations need to work to discover any weak points in how data flow is processed and handled by performing gap analysis to find what works and what needs to be worked on or removed. Finally, organizations should make a habit of \u2018spring cleaning\u2019 to remove any data that is no longer needed. Only by following these critical steps, can they hope to position themselves in the most agile and resilient way to avoid hefty fines, and more importantly, protect data privacy.\u201d\u00a0<\/span><\/p>\n

<\/div>\n

Neil Thacker, EMEA CISO, Netskope<\/b><\/a>:\u00a0<\/b><\/h4>\n

“On the 3rd anniversary since the General Data Protection Regulation (GDPR) came into effect, we recognize the continued problem of the use of unmanaged cloud applications and services whilst adhering to the regulation. One of the most underestimated compliance challenges that organizations face under the GDPR is the fact that many – if not most – personal data records, for which the organization is legally responsible, are processed using cloud applications and services not traditionally owned or made visible to the IT or the security team. Also, unstructured personal data is created by the workforce \u2013 often unsupervised \u2013 using productivity or collaboration applications. This data is pervasive across mobile devices and shared with others through unmanaged applications and cloud storage locations, which are outside the organization\u2019s direct control. The pandemic-fueled explosion of data in 2020 and a Work-From-Anywhere (WFA) trend involving Bring Your Own Device (BYOD) usage has only exacerbated this problem.<\/span><\/p>\n

Nevertheless, under the GDPR regulation, it is always the organization\u2019s legal responsibility to protect such data from loss, alteration, or unauthorized processing, even if workers use cloud services that are not pre-approved or controlled by the organization. This means that organizations must know which personal data records are processed by users of cloud services; identify the cloud applications used by the organization\u2019s workforce; prevent personal data from being stored or processed in unmanaged cloud services, and continue to protect personal data when stored or processed in cloud services.<\/span><\/p>\n

Failure to manage non-approved cloud services may leave the organization at serious risk, from both a legal perspective and from a business continuity and reputational perspective. CIOs and CISOs must therefore pay close attention to this issue and implement measures to bring such cloud services under the visibility and control of the organization. Trusted frameworks and platforms, such as Secure Access Service Edge (SASE), help not only to future-proof an organization\u2019s cloud strategy but do so with security, privacy, and compliance with regulations, such as the GDPR, at the forefront.”<\/span><\/p>\n

Just because GDPR has been in effect for three years, doesn\u2019t mean your organization should let up on maintaining compliance. Your business needs to be aware of the rules and regulations, and how strictly they are enforced, in order to be compliant, as GDPR fines are still in effect for organizations that don\u2019t comply. Consider the above commentary and think about reevaluating your data protection<\/a><\/strong><\/span>\u00a0policy in order to stay updated and remain compliant.<\/p>\n

<\/div><\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Jennifer Glasgow, EVP, Policy & Compliance, First Orion “We are approaching the third anniversary of the enactment of GDPR (General Data Protection Regulation). While originally intended to protect the information of EU residents, we\u2019ve seen GDPR become the model for privacy and data protection legislation on a global scale. We are global citizens, and so […]<\/p>\n","protected":false},"author":43,"featured_media":4376,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1,204],"tags":[918,30,613],"acf":[],"yoast_head":"\nGDPR Three Years Later: The Y2K of the 2020s?<\/title>\n<meta name=\"description\" content=\"The editors at Solutions Review, as well as industry experts, reflect on the impact and effects GDPR three years after it passed.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tess Hanna\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/\",\"name\":\"GDPR Three Years Later: The Y2K of the 2020s?\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg\",\"datePublished\":\"2021-05-25T16:46:46+00:00\",\"dateModified\":\"2021-05-25T16:47:05+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/1915d169a2244d0703ac9749676fe5cd\"},\"description\":\"The editors at Solutions Review, as well as industry experts, reflect on the impact and effects GDPR three years after it passed.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg\",\"width\":800,\"height\":400,\"caption\":\"GDPR 3 Years Later- The Y2K of the 2020s? Featuring insights from industry experts\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR Three Years Later: The Y2K of the 2020s?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/\",\"name\":\"Best Backup and Disaster Recovery Tools, Software, Solutions & Vendors\",\"description\":\"Solutions Review\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/1915d169a2244d0703ac9749676fe5cd\",\"name\":\"Tess Hanna\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a013a1b8fc928c09456c408742bc1e25?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a013a1b8fc928c09456c408742bc1e25?s=96&d=mm&r=g\",\"caption\":\"Tess Hanna\"},\"description\":\"Tess Hanna is an editor and writer at Solutions Review covering Backup and Disaster Recovery, Data Storage, Cloud Computing, and Network Monitoring. Recognized by Onalytica in the 2021 \\\"Who's Who in Data Management,\\\" and \\\"Who's Who in Automation\\\" reports. You can contact her at thanna@solutionsreview.com\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/tesshanna\/\",\"https:\/\/x.com\/SRDataProtect\"],\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/author\/thanna\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GDPR Three Years Later: The Y2K of the 2020s?","description":"The editors at Solutions Review, as well as industry experts, reflect on the impact and effects GDPR three years after it passed.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/","twitter_misc":{"Written by":"Tess Hanna","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/","name":"GDPR Three Years Later: The Y2K of the 2020s?","isPartOf":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg","datePublished":"2021-05-25T16:46:46+00:00","dateModified":"2021-05-25T16:47:05+00:00","author":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/1915d169a2244d0703ac9749676fe5cd"},"description":"The editors at Solutions Review, as well as industry experts, reflect on the impact and effects GDPR three years after it passed.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#primaryimage","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg","contentUrl":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/GDPR-3-Years-Later-The-Y2K-of-the-2020s.jpeg","width":800,"height":400,"caption":"GDPR 3 Years Later- The Y2K of the 2020s? Featuring insights from industry experts"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/gdpr-three-years-later-the-y2k-of-the-2020s\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/"},{"@type":"ListItem","position":2,"name":"GDPR Three Years Later: The Y2K of the 2020s?"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/","name":"Best Backup and Disaster Recovery Tools, Software, Solutions & Vendors","description":"Solutions Review","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/1915d169a2244d0703ac9749676fe5cd","name":"Tess Hanna","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a013a1b8fc928c09456c408742bc1e25?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a013a1b8fc928c09456c408742bc1e25?s=96&d=mm&r=g","caption":"Tess Hanna"},"description":"Tess Hanna is an editor and writer at Solutions Review covering Backup and Disaster Recovery, Data Storage, Cloud Computing, and Network Monitoring. Recognized by Onalytica in the 2021 \"Who's Who in Data Management,\" and \"Who's Who in Automation\" reports. You can contact her at thanna@solutionsreview.com","sameAs":["https:\/\/www.linkedin.com\/in\/tesshanna\/","https:\/\/x.com\/SRDataProtect"],"url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/author\/thanna\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts\/4375"}],"collection":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/comments?post=4375"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts\/4375\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/media\/4376"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/media?parent=4375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/categories?post=4375"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/tags?post=4375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}