• About Us
  • Advertise
  • Write For Us
  • Amazon Disclosure
  • Contact Us
Tech News, Magazine & Review WordPress Theme 2017
  • Small Business
    • Biz Tech
    • Marketing
    • Sales
  • IoT
  • BYOD
  • IT
    • Big Data
  • Security
  • Software
  • Internet
    • Web Apps
    • Social Media
  • Mobile
    • Android
    • iOS
  • Gaming
  • Other
    • Gadgets
    • Blogging
    • VOIP
No Result
View All Result
  • Small Business
    • Biz Tech
    • Marketing
    • Sales
  • IoT
  • BYOD
  • IT
    • Big Data
  • Security
  • Software
  • Internet
    • Web Apps
    • Social Media
  • Mobile
    • Android
    • iOS
  • Gaming
  • Other
    • Gadgets
    • Blogging
    • VOIP
No Result
View All Result
Connection Cafe
No Result
View All Result
Home Internet

GDPR On Data Retention

Richard by Richard
August 11, 2018
Share on FacebookShare on Twitter

GDPR Overview

The General Data Protection Regulation came into effect in all European Union (EU) states on May 25th, 2018. The new legislation aims to standardize data protection across member states and give more rights to the individuals that the data concerns. Any organization that deals with clients or employees who are EU citizens are required to change their business practices, so they become GDPR compliant. One of the major ways in which companies will have to adjust is in relation their data retention policies.

A company’s data retention policies cover what to information is appropriate for them to keep, and how the data should be stored to maintain the privacy of the individual. Conversely, GDPR-compliant businesses must consider what documents must be destroyed, and the most secure and safe way of doing so.

The GDPR guidelines are rigorous, and companies must be thorough in ensuring that their data retention policies are compliant with the legislation. The company’s retention policy must be clear, unambiguous, and cover a wide range of possible scenarios and circumstances. Without clear policies, it is possible that they may meet legal difficulties, or be unable to serve EU customers.

The GDPR legislation recommends that a minimum period for which data is retained by an organization. The article pertaining to data retention, Article 38, states “…the period for which the personal data are stored is limited to a strict minimum…In order to ensure that the personal data are not kept longer than necessary, time limits should be established by the controller for erasure or for a periodic review…”.

This suggests that each company affected by GDPR must update their policies on how much data is stored, and for how long the organization holds on to it. The legislation advocates storing the minimum amount of information that the company needs and storing only the information which relevant to the original purpose of its collection.

GDPR guidelines are specific when they stipulate the manner in which the data is stored. The data should be retained in a form and manner that protects the identity of data subjects. If the individual’s identity is required for the original purpose, the organization must identify them only until the required task is completed. This guideline aims to help protect the anonymity of individuals and introduce EU-wide standards for identity protection for the first time.

GDPR in Practice

Data Controllers in organizations must carefully analyze Article 39 to ensure the requirement for minimization of data and storage is met. GDPR is very strict on the timespan for which data is kept, and for what reasons it is being stored. If it serves no purpose as outlined in its original collection, then there is no viable reason to retain it. Therefore, according to GDPR, it must be safely destroyed.

If it is discovered that data is being held for longer than necessary or being stored when there is no longer a use for it, a hefty fine shall be levied against the organization.

If data is being retained for purposes not part of the reason for its original collection, then the company might well be subject to GDPR-related fines. The fines are controlled to €10-20 million, or 2-4% of the controller’s financial turnover based on the previous year. GDPR lays out the limits for fines, but ultimately it is the relevant supervisory authority who decides the penalty for a specific violation.

GDPR outlines some circumstances in which companies may be justified in retaining data, even if the data subject requests that it is destroyed. Data may be kept if it will one day become valuable, and it is in the public’s best interest that it is retained. Data may be stored for extended periods if it is part of an inquiry of scientific or statistical nature. Similarly, it may be stored if it is of a historical investigation. In these cases, organizations must clearly show that the data is being retained for these stated purposes.

In practice, the storage of data is a key concern when it comes to data retention. GDPR compliant businesses may store their data in-house, or outsources to storage spaces, as long as adequate security measures are in place. Some hard copies will not be able to be stored digitally. Both physical and technical safeguards are necessary to maintain the integrity of the data and ensure that the individual’s privacy is maintained.

Organizations must consider factors such as the cost of storing data, who can access the data and how access to the data will be recorded. New, and potentially expensive, safeguards may need to be installed when it comes to protecting electronic data. Hacking has become a major risk for organizations in many sectors, as sensitive data has a high black-market value. An organization’s data retention policy must clearly state how it stores the data and the safeguards which are in place in order to be GDPR compliant.

Richard

Richard

Related Posts

Internet

What Countries Have the Fastest Internet?

December 16, 2020
Internet

What Is The Best Internet Provider 2020?

August 20, 2020
Internet

How To Improve Your Internet Speed For Better Gaming Experience

June 10, 2020
Internet

AI For Better Geolocation Identification In Online Gaming

October 17, 2019
Next Post

How To Deliver A Blockchain PR Strategy That Drives Results

Recommended

How to Start Diversifying Your Income

January 16, 2021

All You Need To Know About Workflow Mapping

January 11, 2021

Categories

Trending

Rory Brown, Managing Partner of Nicklaus Brown & Co., Talks How AI is Redefining the Virtual Bank Market

October 3, 2019

Henry Todd Stella Describes 5 Best Travel Destinations For New Year’s Eve Celebration

October 31, 2019

How Does Pay-Per-Click (PPC) Advertising Work? WNY Holdings, LLC Explains

October 14, 2019
no wifi games

100+ Best Games without WiFi for Android and iOS

May 6, 2019

Everything You Need To Know About The Hoverwatch Tracker

May 26, 2018

Top 5 Reasons Why Online Gaming Has Become Popular

May 31, 2018

New York Fitness Coach Larry Greenfield Shares 5 Ways to Add Variety to Your Runs

July 24, 2020

Fonemonitor Lets You Track iPhone And Android, Easily And Stealthily Like Never Before

August 25, 2018

How To Unlock LG Stylo 3 Plus For Any Network

July 31, 2017

About

Connection Cafe

Connection Cafe is starting to be the leading voice in the field of new and emerging technologies and digital media.

Categories

Twitter Feed

Recent News

How to Start Diversifying Your Income

January 16, 2021

All You Need To Know About Workflow Mapping

January 11, 2021

Wondershare MirrorGo: The Supreme Option To Mirror iPhone To PC

January 16, 2021
  • About Us
  • Advertise
  • Write For Us
  • Amazon Disclosure
  • Contact Us

© 2019 ConnectionCafe -

No Result
View All Result

© 2019 ConnectionCafe -