Indian companies should brace up for new data protection regulation in Europe: PwC

EU General Data Protection Regulation which comes into effect from 25 May 2018 will influence global markets and multinationals

Indian companies need to ready themselves for EU General Data Protection Regulation (GDPR), which comes into effect from 25 May 2018, said global consultancy firm PwC.

The EU GDPR will usher a new data and privacy protection regime to give regulators unprecedented power to impose fines, requiring large-scale privacy changes across organisations – including India-based companies- if they conduct business in Europe, it said.

A survey by the consultancy firm shows that 56 per cent companies have an overall information security strategy, while 53 per cent still require employee training on privacy policy and practices.

It noted that 51 per cent companies have an accurate inventory of personal data, 49 per cent limit personal collection, retention and access to the minimum necessary, and 46 per cent require third parties to comply with their privacy practices.

“It is important for Indian companies to brace up their security which will help them embrace GDPR. It is important for the companies to inform and educate their key stakeholders on the impact, enabling right planning of resource allocation with a right time-frame,” said Sivarama Krishnan, Leader, Cyber Security, PwC India.

Under GDPR, all organisations will have to report specific types of data breaches to the supervisory authority and, in some cases, to the individuals affected, PwC said. Reporting of breaches to individuals is critical in the case of high-risk data where the breach could typically result in discrimination, damage to reputation, financial loss or loss of confidentiality to the individuals affected, it said.

Print Friendly, PDF & Email

No comments yet

Post a Comment


Leave a Comment

Your email address will not be published