DM1711
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Dm TECHNOLOGY: OBJECT STORAGE<br />
GDPR is coming - can object<br />
storage play a role?<br />
Cloudian CMO Jon Toor considers the potential impact<br />
of object storage approaches on data management and<br />
accessibility in the 'new age' of the EU GDPR<br />
There is a view abroad that the EU's<br />
General Data Protection Regulation<br />
(GDPR), which comes into effect on<br />
25th May 2018, applies only to Europe.<br />
This misunderstanding may arise because<br />
the GDPR has been designed to<br />
harmonise data privacy laws across<br />
Europe, bolster privacy protection for EU<br />
citizens and give them more control over<br />
how their data is used.<br />
But, GDPR applies to all companies and<br />
organisations that use or store the<br />
personal information of EU citizens,<br />
wherever they store that data, whether in<br />
the EU or outside it.<br />
All organisations need to be aware that<br />
the regulation stipulates data belongs to<br />
the individual, not the company holding<br />
the data. Individuals can access their<br />
personal data and request changes. They<br />
even have the right to ask to be<br />
forgotten. If the company involved can't<br />
show a legitimate reason to retain that<br />
person's data, the individual can request it<br />
is deleted without "undue delay". If the<br />
organisation doesn't have a clear view of<br />
that data and where it is stored, that<br />
could be a significant problem.<br />
People also have the right to<br />
compensation if their rights are violated.<br />
Organisations can only hold information<br />
for as long as it's required. In many cases,<br />
to ensure personal data is not<br />
compromised, they will need to appoint a<br />
Data Protection Officer (DPO).<br />
A HEFTY PRICE TO PAY<br />
Failure to meet the regulations could be<br />
extremely costly. Any breach of GDPR has<br />
to be reported to the relevant authority<br />
within 72 hours of the organisation<br />
becoming aware of the issue. If it fails to<br />
do so, the organisation could be subject<br />
to a penalty fine of as much as 10 million<br />
32<br />
@DMMagAndAwards<br />
November/December 2017<br />
www.document-manager.com