DM1711

Dm TECHNOLOGY: OBJECT STORAGE
GDPR is coming - can object
storage play a role?
Cloudian CMO Jon Toor considers the potential impact
of object storage approaches on data management and
accessibility in the 'new age' of the EU GDPR
There is a view abroad that the EU's
General Data Protection Regulation
(GDPR), which comes into effect on
25th May 2018, applies only to Europe.
This misunderstanding may arise because
the GDPR has been designed to
harmonise data privacy laws across
Europe, bolster privacy protection for EU
citizens and give them more control over
how their data is used.
But, GDPR applies to all companies and
organisations that use or store the
personal information of EU citizens,
wherever they store that data, whether in
the EU or outside it.
All organisations need to be aware that
the regulation stipulates data belongs to
the individual, not the company holding
the data. Individuals can access their
personal data and request changes. They
even have the right to ask to be
forgotten. If the company involved can't
show a legitimate reason to retain that
person's data, the individual can request it
is deleted without "undue delay". If the
organisation doesn't have a clear view of
that data and where it is stored, that
could be a significant problem.
People also have the right to
compensation if their rights are violated.
Organisations can only hold information
for as long as it's required. In many cases,
to ensure personal data is not
compromised, they will need to appoint a
Data Protection Officer (DPO).
A HEFTY PRICE TO PAY
Failure to meet the regulations could be
extremely costly. Any breach of GDPR has
to be reported to the relevant authority
within 72 hours of the organisation
becoming aware of the issue. If it fails to
do so, the organisation could be subject
to a penalty fine of as much as 10 million
32
@DMMagAndAwards
November/December 2017
www.document-manager.com