Get a Quote

How GDPR Can Affect Your Business and Your Data

Created to provide you with enhanced control over your personal information and further protect you from a cyber attack, the European Union’s new General Data Protection Regulation (GDPR) went into effect earlier this year. GDPR standardizes data privacy laws across Europe while increasing the transparency with which organizations, even those in Rochester NY, approach this hot-button issue.

The GDPR claims that the protection of your personal data, like the cyber security solutions offered by CMIT, is a fundamental right. Operating under the assumption that data collection and processing are the backbone of modern business, GDPR sets out to shield data from bad actors along every step of the information superhighway. The consequences for businesses who breach the regulations are steep: up to 20 million Euros or 4% of a company’s total global revenue. And businesses seem to be embracing the increase in protection and cyber security for their customers.

More than 90% of American C-level executives consider GDPR compliance “a top priority” on data privacy and security agendas, according to a PricewaterhouseCoopers survey in 2017. Similarly, a survey conducted in 2017 by the International Association of Privacy Professionals found that 84% of US respondents expected to be prepared for GDPR by May 2nd. So, American companies are paying attention.

How will GDPR affect businesses in Rochester, NY and Monroe County?

Data can be transmitted around the globe in seconds. Under GDPR regulations, EU citizens will be protected no matter where their data travels. So if your business in Rochester  maintains a database of information that includes EU residents—or uses the Internet to market targeted goods or services to EU residents—that information is bound by GDPR rules. Rochester companies with a global focus (hospitality, travel, software, and e-commerce) can either stop providing services to EU users altogether, or implement specific processes with the help of an IT consultant to ensure compliance.

Are you GDPR compliant? Find out how CIMT Solutions can help

What can your company do to prepare?

New processes, standards, and safeguards for handling data and protecting from cyber attacks will likely become the baseline thanks to GDPR. But businesses that already take privacy-related threats seriously will do better moving forward, no matter how they’re enforced in the United States, Canada, the European Union and beyond.

For now, consider these basic strategies when contemplating GDPR’s impact on the future of data privacy and information security:

1.Work with a trusted IT consultant to audit your current data privacy system

The best way to understand GDPR and its compliance requirements is to work with an IT consultant or have trusted IT solutions in place to conduct an accurate assessment of your present processes. Doing so can help you identify high-risk areas and fix any problems, whether they relate to GDPR or not.

2. Conduct staff training and education

3. Deploy IT solutions that will make data privacy stronger

The number of tools is endless, but multi-layered defenses are now the norm. Consider data encryption, strong firewalls, anti-malware and anti-spam software, network management, proactive monitoring, email archiving, and regular data backup as must-haves for any modern business.

Need help choosing the right defense for your business? Call (585) 206-8528 to talk to a CMIT Solutions expert.

4. Work with third-party providers who are GDPR-compliant

This includes email service providers, customer relationship management software, and outside agencies that assist your company with its data. Similar to HIPAA rules in the United States, you can be held responsible for data breaches made by data processors you work with.

5. Use compliance as a selling point

The average Rochester consumer may not know much about GDPR. But in this day and age, demonstrating that your company adheres to stringent data privacy regulations can be a major selling point. Once an IT consultant helps your company enhance its cyber security, don’t be afraid to use such compliance as a competitive advantage.

The global shift in privacy laws is coming

While GDPR only applies to your customers in European, the stage is set for a global shift in data privacy laws. Taking such concerns seriously is imperative for any business, big or small, with its eye on the future—so why not work now to make data more secure instead of waiting to become a data breach headline down the road?

If you have questions about your company’s current state of cyber security, contact CMIT Solutions today. We worry about IT so you don’t have to.


We can help. Whatever your technology problem is, chances are, we've seen it before.