The RGPD, General Data Protection Regulation, will apply from May 25, 2018. This directive protects EU citizens: any company processing data of these nationals must comply with this regulation. We, the Swiss companies, are therefore also concerned if you process data of these nationals, even before the adaptation of the RGPD in the future revised Data Protection Act. Discover the main changes brought about by this directive, our advice to make you comply … and how Net4All fits!
Security of personal data: a better distribution of responsibility
There are two distinct parts to the protection of personal data. The first is the controller, who determines the purposes and means of data processing: for example, you, who collect data as part of your business. The second is the subcontractor, who performs the actual processing of data: it is your host, your publisher, your web agency … In the case where the processing of personal data is not entrusted to a provider, these two parts are naturally combined into one.
Until now, the controller was fully responsible for the data he has, the only organization legally “guilty” in case of data theft for example.
RGPD – shared responsibility
From May 25th, the RGPD will change the situation. The responsibility for the protection of personal data will be shared between the controller, or the sponsor, and the subcontractor, or “the performer”. The latter becomes responsible for the data it processes for you, and must, therefore, ensure its compliance with the directive as well as you. Previously, even if your provider made a mistake, it was you who was responsible for not paying enough attention to it; European supervisory institutions will soon be able to send it directly in case of misconduct.
This does not prevent, on the contrary, to choose your providers. They also become partners for the protection of your data and those of your customers … They must, of course, be in compliance with the European regulation on data protection, but also have an accompanying role to get you up in skills on the subject, if you do not have the expertise of this type internally. In addition to technical input, pedagogy, transparency and trust are important elements to consider.
How to protect your data? Benefit from the experience of experts
The RGPD is a legal directive, with more organizational and legal than technical impacts. We advise you to consult the guidelines of the European institutions, to appoint a Data Protection Officer, and to be accompanied by a lawyer or a lawyer. Many are specialized on the subject!
At Net4All, the provider of computer security and hosting services, we chose this path! Our expertise does not allow us to advise you on the subject. Once your risk analysis has been carried out, however, we are qualified to assist you in the technical security of your data: how to achieve the necessary level of security according to your challenges? Is your system secure enough in relation to the criticality of your data? What improvements can it make and how to put them in place? These are the answers to these questions that our experts will bring you while making you understand their actions and recommendations.
“Together, let’s make the digital world safer” is our vision. Data security is built hand in hand with you! Our experts accompany you on your rise incompetence, and you help us improve daily. Transparency is a very important concept for Net4All, and we encourage our customers to audit us regularly to stay on top and satisfy you as much as possible.
Data protection: Net4All adapts to European requirements
For 2 years, date of publication of the RGPD, Net4All is preparing for the deadline of May 25, 2018. A Delegate for Data Protection has been appointed, and we are gradually integrating new regulations into our processes. Currently, we are putting in place a register of the treatments carried out on the data of our customers, as well as a list of the services subscribed by these last ones. Our general conditions of sale and contracts are being revised to meet the GDPR, for more transparency on these complex issues.