Security. Privacy. Peace of mind.
Personal data may not be the first subject matter tied to these three desirable experiences. However, it has steadily emerged as a controversial issue equipped with grave concerns in the digital age. In response, a newfound emphasis on user consent has emerged as the vehicle for the change. For far too long, the topic of user consent has been sidestepped like a luxurious buzzword, hiding its true implications in the complex terms and conditions statements very few read, let alone fully digest. Furthermore, this has enabled tech titans to exploit the highly-personal information of their customers for lucrative gain. Here is the General Data Protection Regulation (GDPR). The first of many proactive efforts ushered in a new era of digital privacy on Friday, May 25th, 2018.
What is the GDPR?
According to CSO, “GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens.” This data includes basic identifiers like name, address, and ID numbers; web information, such as location, IP address, and cookie data; health, genetics, and biometrics data; racial, ethnic, and sexual orientation data; and even political views. As a result, this has launched businesses into action. For example, it enacted key changes to practices affecting personal privacy, controls/notifications, transparency of policies, information technology, and training.
Who does the GDPR affect?
Wait – this only applies to Europe, right? Wrong. And failure to comply could prove both dangerous and costly. The GDPR applies no matter where you are located. More specifically, this includes companies with a presence in an EU country; no EU presence, but using EU resident data. Furthermore, this includes over 250 employees and under 250 employees, when the effect of data-processing extends to sensitive personal information.
How has LTi responded?
Next, the GDPR seeks to help the good guys to do right by their customers. All the while protecting us from malicious cyberattacks by bad guys around the globe. This leads us to LTi’s proactive approach to compliance. From the latest FASB Lease Accounting Standards in February 2016 to present, we strive to deliver maximum transparency to our customers. Here are the eight core GDPR requirements affecting what we do at LTi. This goes along with the actions we’ve taken to ensure unwavering compliance ahead.
LTi’s compliance solutions in ASPIRE abide by the following GDPR Requirements:
- International data transfers
- Request consent to collect personal data
- Retain personal data records
- Share Personal Data with Individuals or Controllers Upon Request
- Individual Right to Erasure
- Additional Product and Service Security Measures
- Data Breach Notification
- Lawful Basis for Processing Personal Data
LTi’s Commitment to Security
Lastly, at LTi, we are steadfast in our commitment to the security, privacy, and peace of mind our customers experience when working with us. Furthermore, the GDPR’s emphasis on consent of personal data and transparency will only advance our mission. This will undoubtedly pave the way for similar, progressive initiatives to make our world a better place online.