The GDPR (General Data Protection Regulation) of the EU and the CCPA (California Consumer Privacy Act) of California came into law in 2018 and permanently changed how businesses act and function.
Who is impacted by this?
Even if your business is in neither the European Union nor California, you are not necessarily exempt from these laws. You or your company must be compliant with one or both of the laws if you have any business dealings or clients from either region. Globalization means that even if you do not do business with such people today, you never know what tomorrow might bring, so it is best to be prepared.
What compliance means
At its core, it means that your client is entitled to much more control over their data. To be compliant, you have to be able to check off all the requirements of the respective laws. Falling short of any of the requirements could carry penalties and legal consequences ranging from fees and lawsuits to revocation of business permits for the region.
The first half of compliance is that data handling is to be done with a high level of transparency. Any transaction where data is sold, shared, or otherwise given away must be logged and carefully managed. Any data a company has on a person must be easy to gather and report to an individual asking for it. If the individual wants actions with their data ceased or the data expunged, the company must be able to fulfill the request as well.
The other half of being compliant is making sure individuals’ data is safe. For a client’s data to be safe, your entire system must be secure, from how the data is stored to how it is accessed and how it is transmitted. A breakdown in security at any point means failure.
What Agenda offers
Hardening: We can look at your pre-existing systems and advise or help implement changes to make sure data breaches do not occur.
Secure hosting: Agenda is set up to host any manner of system your operation needs. Our servers are guaranteed safe and secure so you’re already close to compliance when hosted through us.
Consulting: We know what is and is not required to become compliant with data protection laws. We can advise you on guidelines, policies, and other efforts.
Data Protection Officers: We can either train or become your company’s Data Protection Officer, allowing for audits of your systems and continual surveillance.
Certification: We can certify that you are compliant once one of our Data Protection Officers ensures compliance.