Why you need a secure ITAD program to comply with GDPR.
The one certainty with the EU’s new General Data Protection Regulation that takes effect this week is that it is complicated.
It seemed like there was plenty of time to prepare for compliance when the GDPR was adopted in April 2016, but numerous studies since have shown that many organizations simply aren’t prepared for the new data management and privacy mandate.
For those that aren’t, there are some elements of the GDPR that you need to be immediately aware of.
The goal of the GDPR is to strengthen and harmonize data protection for all citizens in the European Union. Data-containing devices have become more ubiquitous, so the GDPR updates the EU law to reflect these changes. Many parts of the GDPR are not necessarily new but are strengthened and unified throughout the EU.
The GDPR is an update to The European Data Protection Directive 95/46/EC which was adopted in 1998. In 1998 smartphones didn’t exist and the internet was still relatively new. The world has since seen a revolution in technology reliant on back-end data centers. With all this change, the GDPR is an attempt to provide a set of regulations that will reflect the state of technology today.
Information Management recently posted an article from one of our in-house IT experts, Michael Rostad. As the Global IT Director, Mr. Rostad provided insight on this new regulation and outlined the GDPR as it relates to IT asset disposition (ITAD). The key takeaways include the following:
- GDPR will be enforced as a regulation.
- No business will be excluded from this regulation.
- Penalties for non-compliance will be severe.
- This regulation is focused on improving data management.
- ITAD programs help manage data stored on retired IT assets.
Read the full article which was originally posted in the “opinion” section of Information Management, on their site webpage.