GDPR In The Workplace And How To Implement It

As one of the world’s largest social media sites faces backlash from sharing private consumer information with an analytics site, it should be no surprise that regulatory agencies are taking extensive steps to keep companies from invading the privacy of customers and others who visit their websites. In particular, the 28 nations of the European Union have banded together to create new data regulations to keep their citizens safe from invasive advertising.

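The General Data Protection Regulation (GDPR) is the European Union’s first data security improvement since 1995. It is intended to ensure that consumers in the EU do not have to worry that their sensitive private information is being passed to third parties.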

As a business owner, these new regulations put the responsibility on you to keep your customers’ information safe. GDPR will affect companies globally, as it refers to the processing of data of European citizens, regardless of where the company in question is based.

Implications of the GDPR


If you require visitors to register with your site or provide personal information like their phone number, email address or credit card number, you will be required to follow the new regulations. And if you’re not sure who your audience is or how much information they provide, it would be wise to adhere to the GDPR, since the fines for failing to comply are extensive, up to €10 million or 2% of your company’s global revenue for a simple infringement.

Components of the General Data Protection Regulation

The new regulations for business owners in the United States require them to carefully consider how they track and store consumer information, as well as what they do with information once they have received permission to use it. Included in the new regulations:

  • Consumers who visit your website must give you “explicit” permission to use their private information, and you must be specific about what you will be using it for. You cannot simply provide a link to a legal document providing the terms and conditions, but must provide a check mark box or text box where they can specifically consent to giving information.
  • You will have to have permission from the consumer for each step of processing done with their personal information. For example, not only must they consent to giving you their private information, but you must have their permission if you plan to share their information with marketing executives or third parties.
  • If information has been compromised or lost by your company, you have 72 hours to report this breach to an EU regulator or other supervising regulatory agency. This includes information that is accidentally provided to a third party or has been viewed by unauthorized people, even if those people were in your own company.
  • If private information such as a person’s credit card number or bank information is leaked, you will also have to inform the customer of the breach of information.

What this means for your business

If you have a large Internet presence, you probably already have a data security protocol in place, such as ISO 27001 or PCI DSS, but if you don’t, this is the time to invest in such standards to save yourself the inconvenience and cost of a possible breach of information.

To protect yourself, you can also put a Security Information and Event Management (SIEM) tool into place. This will allow you to follow a procedure intended to keep private information secure.



About the author

Tim Becker, Partner at Minneapolis’ Johnson // Becker PLLC, and lead sponsor. He is committed to providing clients effective, aggressive legal representation, and has prosecuted numerous individual FLSA violation claims.
