Fujitsu is launching a comprehensive portfolio of services to help organisations comply with the EU General Data Protection Regulation (GDPR). The new legislation, which will come into effect on May 25, 2018, introduces new obligations for all organisations – no matter where they are based – that store, process or analyse personal data of EU residents.
Fujitsu services related to the EU GDPR are aimed at helping organisations to be both aware of and prepared for the new obligations and requirements that the legislation brings. With GDPR, the EU is harmonising existing national data protection regulations and defining a new and extended level of European Data Protection.
The starting point recommended by Fujitsu is to conduct an assessment of the relevant data held today, and where it resides. Together with industry-leading security partners, Fujitsu is offering professional assessments comprised of data inventory scans, to help discover existing GDPR-related data.
By May 2018, businesses around the globe must have established GDPR-compliant policies to process personal data, including how they handle data deletion. GDPR will also bring a set of obligatory steps that include reporting data breaches within 72 hours and notifying affected individuals. These are all areas where Fujitsu is able to provide professional support, including contingency measures and establishing both GDPR-related strategies and clearly defined processes in how to detect and react to data breaches. The penalty for ignoring GDPR and its obligations is a potential fine of up to EUR 20 million or up to four percent of global annual turnover, whichever is the greater, for failure to comply.
Rob Norris, VP Enterprise & Cyber Security, EMEIA, Fujitsu, said: “We believe that GDPR readiness will oblige organisations to carry out thorough preparation, to set up the processes necessary for compliance, as well as supporting alignment of their systems and services with GDPR’s requirements. It is a sweeping set of legislation: GDPR will apply to organisations of all sizes and in all industry sectors – not just those within the EU, but also organisations from outside the EU who process and handle EU citizens’ data.”
Fujitsu is introducing a wide-ranging set of dedicated consultancy and professional services – from readiness reviews through to implementation and managed security services – to help organisations prepare for the GDPR – and to avoid the potential of large fines for lack of compliance, as well as the loss of trust from their customers.