Just as information security professionals around the world prepared for conferences and other activities to observe Data Privacy Day on January 28, a report from the European Union with regard to the General Data Protection Regulation indicated that only 29 percent of new companies are properly encrypting the data they collect from their customers. Likewise, only 34 percent of new European companies have implemented notification systems to let clients know their personal information may have been compromised due to a data breach.
Corporations Collecting Massive Amounts of Data
In the United States, a few multinational companies that have European offices or that collect information from customers across the Atlantic are scrambling to comply with GDPR, a law that has penalties as severe as forfeiting four percent of annual business revenue. Data privacy has always been a more delicate issue in the European Union than in the United States; however, it is important to note that the passage of the Health Insurance Portability and Accountability Act has planted a legislative seed that could vastly expand in the near future.
HIPAA directs medical and dental practices to comply with a set of data protection measures that in many cases extend to the vendors they work with. Health care professionals often grumble about the burden of HIPAA, and this discontent is even more pronounced among vendors who work with providers of medical and dental services. The fact of the matter is that the measures required by laws such as HIPAA and GDPR are actually good for the companies that must abide by them.
Protect Local Businesses From Data Breaches
What business owners in the High Desert must realize is that data privacy is not as challenging as it may sound. Installing and managing a HIPAA-compliant email system, for example, is essentially the same as running a secure email server with certain reporting, archiving and backup measures that comply with HIPAA directives.