The General Data Protection Regulation (GDPR) deadline has passed and many organizations are still unsure if GDPR effects them, or how to prepare.
To help you better understand what GDPR is and why these changes affect North American organizations we enlisted the help of Vidyard’s Senior Counsel and Privacy Officer – Jonathan Dunlop to break down what you need to know about GDPR. Check out the video below to learn more.
What Is GDPR?
GDPR is a harmonized set of privacy regulations that protect EU residents. EU residents will receive enhanced privacy rights, and those holding their information will have to obey strict rules around transparency and accountability.
EU Citizens will now have the right to ask any organization that collects their data to:
- Show them all the data you have on them
- Request changes to the data you’ve collected on them
- Remove all their data to move to another system
- Forget/delete all data you’ve collected on them
When Do You Need To Be Compliant?
GDPR went into effect May 25th, 2018. In our experience becoming compliant is a time-consuming effort that takes a lot of company-wide resources to complete. So if you haven’t started yet it, it’s time to get onboard.
Does GDPR Affect North American Organizations?
The quick answer to this is YES! A lot of organizations seem to think that because they do not directly work in the EU that GDPR does not apply to them, this is a dangerous mindset to have.
Look at your website for a simple example. Websites are not geo-restricted so if a user from the EU visits your site and fills out a form you are affected. Or if your customers are using your service/software and collect any data from EU citizens—GDPR affects you.
So be sure to double check that you, and your customers, are not collecting any form of data from EU citizens before you assume GDPR doesn’t affect you.
What Is Vidyard Doing To Be Compliant With GDPR?
Leading up to the deadline, our legal, privacy, and development teams worked hard to ensure we were mapping out requirements for GDPR and building any updates needed into our product roadmap.
The goal is to make this a self-serve, efficient process for our customers where they will be able to manage data requests directly from their Vidyard account, on our platform.
This includes things such as;
- Providing necessary tools to facilitate data requests right within Vidyard
- Releasing API’s helping automate & fulfill data requests from individuals
- Hosting that works within your website data collection policies
- And more
What Are The Top 3 Takeaways?
- Severity Of Fines
- The fines for violating GDPR can be as high as €20,000,000 or 4% of a company’s annual global turnover. This is a huge amount that would have a great impact on any organization regardless of size. So even if you don’t think GDPR affects your organization, you shouldn’t risk it and take the time to double check that you are covered.
- Your Customers
- Even if you as a company don’t have direct interactions with data subjects located in Europe you need to double check if your customers do. If you are receiving any sort of data from your customers that involves personal information regarding individuals located in Europe, GDPR definitely applies to your handling of this data. If they haven’t already, your customers will be asking you what you’re doing to be GDPR compliant.
- Your MarTech/SaaS/Vendors
- As a customer using SaaS or MarTech services, you want to make sure you’re talking to your own vendors to make sure they have a good grasp on GDPR. They should have a roadmap in place and can give you more of an answer than “We plan to be compliant by May 25th”. We have less than two months until this goes into effect and based on the enormity of the requirements of the GDPR, your vendors should be working on compliance by now, if not be compliant already.
Be sure to visit our Knowledge Center to learn more about what Vidyard is doing to be GDPR compliant. If you’re already a Vidyard customer or partner, please contact your account manager if you have any further questions, comments or suggestions. If you don’t yet have a business relationship with Vidyard, please drop us a line at firstname.lastname@example.org.