Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation. A new dawn in data protection has risen in EU. This is the case due to the introduction of the General Data Protection Regulation (GDPR) that has become binding and directly applicable in all EU Member States on 25 May 2018. As GDPR comes into effect it will significantly strengthen a number of rights: Individuals will find themselves with more power to demand companies reveal or delete the personal data they hold; regulators will be able to work in concert across the EU for the first time, rather than having to launch separate actions in each jurisdiction; and their enforcement actions will have real teeth, with the maximum fine now reaching the higher of €20 million or 4 percent of the company’s global turnover.
Some of the key questions before Indian companies doing business with EU is will be What data security requirements are laid down by the GDPR; Challenges brought by the Regulation to your security approach and how to identify appropriate security, unique to your organization; What are the three critical components enabling appropriate breach notification capability – and a strong security approach; How the GDPR is an opportunity for business enablement; Is Indian Business ready for GDPR?