Is Apple bringing GDPR to the US?

Not so long ago, Apple CEO, Tim Cook condemned the ‘weaponization’ of private data and called for the U.S. to adopt privacy laws similar to the EU’s GDPR. This would mean that any organization that trades with or sells to the US or any European country could face enormous fines if they mishandle or misuse data.

Why is this worrying?

Currently, 75% of organizations in the US do not know whether or not they are GDPR compliant. That’s a huge majority of organizations that are annoying potential customers by contacting them in outdated ways, keeping themselves vulnerable to cyber attack, and risking a fine of at least €20 million (US $22,794,620).

What’s interesting about this is that organizations are rarely actively avoiding GDPR compliance, the majority of organizations that reported not being compliant weren’t sure what it entailed or how they could change their practice to comply. We’ve put together some basic tips to help.

The top priorities that an organization needs in order to become GDPR complaint are:

Is my data secure?

Are enough people opting in to our marketing materials?

Are we contacting cold contacts/leads correctly?

Data Security

Data security at the edge and for SME datacenters can be as simple as encrypting at the storage level. By not using the cloud, you’re minimizing the possibility of being hacked. But, you should be concerned that someone could physically steal your servers and if so, could they get data from them? If they can, then maybe you should consider data encryption as a way of protecting your organization from a breach.

Opting in and cold calling (primarily concerns for your marketing and sales teams but this might be helpful to them)

Common issues like low opt in can be remedied by rethinking your data consent forms, to include more options on the type of communication they’d like to receive, rather than a blanket opt-in/out.

The way that organizations contacts leads is changing, a lot of companies have leveraged GDPR to make the way they sell more innovative; mixing a post GDPR approach to cold calling with enhanced inbound sales methods (making sure that your website is perfect, that your marketing team is engaging potential customers through content etc) and harnessing social media to contact potential prospects.

If you’re interested in finding out more about secure storage at the edge then check out SvSAN with Data Encryption.