MSPs need to know about the GDPR. Here are the reasons why
In the past 2-3 years much has been said and written about the GDPR – the EU General Data Protection Regulation. At this point, what we do know for sure is that the GDPR will become effective in the summer of 2018. It is time for companies all over Europe (and the world, actually) to prepare for how they are going to reach compliance.
But right now, take 2 minutes to discover why you as MSP need to pay attention to the GDPR.
Why MSPs need to pay attention
First of all, in this instance the cost of ignorance might be too high to pay. In a later blog post, we will touch on the financial damage that companies might suffer if they fail to comply with the new data regulation. However, we are not overstating by saying the repercussions would be quite dramatic if any small to midsize company (the standard size for an MSP) were to be confronted with such fines.
The GDPR carries a very big stick, which is one reason to raise your eyebrows. Another one is that the majority of european companies are going to be affected by the new regulations. Most MSPs definitely are. It pretty much comes with the territory when your company is based on a datacenter.
The new EU data law is not sector-specific. Companies from other parts of the world, North America for instance, might be used to privacy laws that relate to just a couple of different industries. That is not the case with the GDPR. It is all-encompassing.
And considering the new definition of ‘personal data’ (we’ll get back to his later) and the accompanying ‘rights’ of all EU citizens (we’ll get back to these as well), it is hard to imagine any MSP that won’t need to adjust in the near future.
Not only is the GDPR blind to sectors. The data protection laws field the same requirements to small and midsize businesses and grand multinational companies alike. Regardless of size, organisational model and staff expertise, companies need to develop procedures for how to comply with the GDPR.
And that, in a nutshell, is what MSPs need to understand about the GDPR: There is really no escaping it.
– Companies that breach the new EU data protection laws will face severe fines.
– GDPR is unbiased. Companies are expected to meet requirements regardless of which sector they’re in.
– Being a small to midsize business, with little legal expertise, won’t get companies off the hook.