The European Union General Data Protection Regulation (GDPR) which took about 4 years of negotiation, is 200 pages long and was adopted in April of 2016. It will be in full force on the 25th of May 2018 for all EU countries, no ratification is needed. The GDPR succeeds the EU Data Protection Directive (officially EU Directive 95/46/EC) on the protection of individuals with the regard of processing personal data of European citizens and on the free movement of such data. The new law represents a fundamental shift in the balance of rights and obligations between consumers and businesses. There are a number of new elements to consider, including broader definitions of personal data and new rights for consumers in terms of data portability, requirements to notify customers – as well as authorities – of data breaches, and higher standards for obtaining and managing consent. While significant larger fines will apply when companies are not in compliance, the major shift in the law is about giving consumers control over their personal data. So, in conclusion, you can’t get around it, and by the way, Brexit will not be finished by then so also UK citizens will be protected by this law.
GDPR and their effect on IAM blog series
In a series of 9 blogs, we will dive deeper into the specific parts of the GDPR and their effect on IAM.
8 – Data breach communication – in progress
9 – Children’s privacy under GDPR – in progress
What are the key differences between GDPR and EU Directive 95/46/EC
GDPR-compliancy can feel daunting, reach out today and let us help you get ready with a solid CIAM strategy
iWelcome CIAM with Consent Lifecycle Management as its core enables frictionless customer journeys at scale.
The General Data Protection Regulation (GDPR) carries huge challenges for companies. All business activities which include personal data must comply with the GDPR, consumers have extended rights under the GDPR and the scope and definition of what is personal data and how it can be used are changed.
Complying with these challenges requires businesses to do a full audit of their existing data protection policies, procedures and practices. This has a massive impact on IT – in particular on master data management of personal data, its attributes and related metadata and its processing.
The need for a single view of the customer is not new, but regarding GDPR compliance it has reached a new level of criticality and urgency. Consumer-facing lines of businesses have to build a culture of privacy to become trustworthy. It’s a challenging task but has the potential to differentiate your organisation.
iWelcome equips you with a powerful CIAM platform providing the foundation and critical capabilities you need to build better and transparent value propositions, build a culture of privacy and for achieving compliance by the 2018 deadline.
iWelcome CIAM Proposition
The iWelcome CIAM service is the only IDaaS built with all the requirements of the European General Data Protection Regulation (GDPR) in mind, therewith delivering the foundation for privacy assurance and GDPR compliance as a standard part of our service. The iWelcome CIAM Service combines best-fit IAM capabilities with cloud identity and Consent Lifecycle Management from pseudonym to know to trusted identities at its core. It offers the basis for engagement with your consumers at any time and place in their journey: a single view on personal data – being transparent for the company as well as the consumer.
The service includes core capabilities such as user self-service, flexible attribute management, consumer profile & preference management, identity & marketing analytics, a Lifecycle API and technical security measures to build maximum flexibility into every step of the customer journey and to protect personal data.