The General Data Protection Regulation (GDPR) is almost here and many organizations are still unsure if GDPR effects them, or how to prepare.
To help you better understand what GDPR is and why these changes effect North American organizations we enlisted the help of Vidyard’s Senior Counsel and Privacy Officer – Jonathan Dunlop to break down what you need to know about GDPR. Check out the video below to learn more.
What Is GDPR?
GDPR is a harmonized set of privacy regulations that protect EU residents. EU residents will receive enhanced privacy rights, and those holding their information will have to obey strict rules around transparency and accountability.
EU Citizens will now have the right to ask any organization that collects their data to:
- Show them all the data you have on them
- Request changes to the data you’ve collected on them
- Remove all their data to move to another system
- Forget/delete all data you’ve collected on them
When Do You Need To Be Compliant?
GDPR goes into effect May 25th, 2018. In our experience becoming compliant is a time-consuming effort that takes a lot of company-wide resources to complete. So although you have some time, if you haven’t started yet it will be hard to meet that deadline.
Does GDPR Affect North American Organizations?
The quick answer to this is YES! A lot of organizations seem to think that because they do not directly work in the EU that GDPR does not apply to them, this is a dangerous mindset to have.
Look at your website for a simple example. Websites are not geo-restricted so if a user from the EU visits your site and fills out a form you are affected. Or if your customers are using your service/software and collect any data from EU citizens—GDPR affects you.
So be sure to double check that you, and your customers, are not collecting any form of data from EU citizens before you assume GDPR doesn’t affect you.
What Is Vidyard Doing To Be Compliant With GDPR?
For the last year, our legal, privacy, and development teams have been actively working to ensure we’re mapping out requirements for GDPR and building any updates needed into our product roadmap.
We’re striving towards making this a self-serve, efficient process for our customers where they will be able to manage data requests directly from their Vidyard account, on our platform.
This includes things such as;
- Providing necessary tools to facilitate data requests right within Vidyard
- Releasing API’s to help automate & fulfill data requests from individuals
- Hosting that works within your website data collection policies
- And more
What Are The Top 3 Takeaways?
- Severity Of Fines
- The fines for violating GDPR can be as high as €20,000,000 or 4% of a company’s annual global turnover. This is a huge amount that would have a great impact on any organization regardless of size. So even if you don’t think GDPR affects your organization, you shouldn’t risk it and take the time to double check that you are covered.
- Your Customers
- Even if you as a company don’t have direct interactions with data subjects located in Europe you need to double check if your customers do. If you are receiving any sort of data from your customers that involves personal information regarding individuals located in Europe, GDPR definitely applies to your handling of this data. If they haven’t already, your customers will be asking you what you’re doing to be GDPR compliant.
- Your MarTech/SaaS/Vendors
- As a customer using SaaS or MarTech services, you want to make sure you’re talking to your own vendors to make sure they have a good grasp on GDPR. They should have a roadmap in place and can give you more of an answer than “We plan to be compliant by May 25th”. We have less than two months until this goes into effect and based on the enormity of the requirements of the GDPR, your vendors should be working on compliance by now, if not be compliant already.
To learn more about what Vidyard is doing to be GDPR compliant, click here! If you’re already a Vidyard customer or partner, please contact your account manager if you have any further questions, comments or suggestions. If you don’t yet have a business relationship with Vidyard, please drop us a line at email@example.com