Learn about the tools available within your OpenEdge application to consider as you address certain GDPR requirements.
The European Union’s General Data Protection Regulation (GDPR) goes into effect on 25 May 2018 and will have a significant impact on many businesses. While we can’t ensure your GDPR compliance, we’re sharing information about the tools available within your OpenEdge application to consider as you address certain GDPR requirements. ISVs should bear in mind that many companies will be seeking solutions that help them address the requirements of the GDPR when buying or renewing IT products and services.
GDPR aims to enhance privacy and strengthen data protection rights of EU citizens by requiring companies to take appropriate measures to secure personal data that they collect, process and/or store. Under the GDPR, personal data means any information relating to an “identified or identifiable natural person.” Some characterize the GDPR as legislation of what might be considered commonsense data practices, including:
The GDPR expands the rights of the individual, including the rights of rectification, data portability and erasure:
The GDPR isn’t exclusive to businesses based in the European Union. It applies to any organization that collects, processes and/or stores personal data of EU citizens, regardless of where that organization is geographically located.
Depending on the nature of the violation, fines associated with non-compliance can reach €20 million or four percent of annual global turnover, whichever is greater.
The first step in an organization’s GDPR journey should be to ensure that a systematic approach is in place to assess the organization’s current technology. The April 2017 Forrester report, “Five Milestones to GDPR Success” can help identify key milestones to achieve before the GDPR deadline.
Some questions to ask are:
OpenEdge features and functionality to consider as you assess your GDPR compliance efforts:
Privacy by Design and Privacy by Default are fundamental requirements of the GDPR and require that organizations implement appropriate technical and organizational measures designed to protect data.
Securing personal data is one of the “common sense” protocols alluded to earlier—ensuring data security at rest, maintaining security protocols and data access authentication and authorization.
GDPR is a significant and far-reaching change to EU privacy regulations, and it’s recommended that organizations take steps to avoid potential costly repercussions. Those steps include:
Tanya O’Connor is a former senior director of product marketing at Progress.
Subscribe to get all the news, info and tutorials you need to build better business apps and sites
You have the right to request deletion of your Personal Information at any time.
You can also ask us not to pass your Personal Information to third parties here: Do Not Sell My Info
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.