Plan now for the EU's privacy regulation revolution, says HPE exec

The EU's personal data protection laws don't change until May 2018, but HPE is launching its compliance tools now

The cost of complying with the European Union's General Data Protection Regulation might seem like something best deferred until it enters force in 2018 -- but working on compliance just might boost profit, not reduce it.

The GDPR, the EU's latest rewrite of its data privacy laws, doesn't enter effect until May 25, 2018, but already IT companies are talking up their software and services for complying with the new rules.

It's not just an issue for EU enterprises: Any company processing the personal information of EU citizens is affected.

What those companies can do with that information is more tightly controlled than before. Collection and processing of sensitive information is only allowed if the person concerned opts in, unless the information processing is necessary to fulfill a contract or to protect the person's vital interests.

That contract fulfillment provision isn't a catch-all, either: If someone wants to buy a pair of sunglasses online, you can't insist that they tell you their shoe size, for example, before accepting their order. The data collection has to be necessary.

Businesses not only have to protect their customers' data, they have an obligation to tell them if they slip up. Data breaches that pose a significant risk to those concerned must be disclosed within 72 hours.

The cost of not complying could be high: a fine of up to €20 million (US$22 million) or 4 percent of worldwide revenue, not to mention the resulting decline in customer confidence.

One of the GDPR's requirements would be a sensible first step for many businesses even if it weren't mandated: For companies to classify all the data they hold that falls under the new regulation.

That one step could be a money-maker, rather than a money pit, according to Joe Garber, Hewlett Packard Enterprise's global vice president of marketing for information management and governance software.

"Once you get your data in order, once you get insight into your information, then you can mine that information for value, strategic information about what your customers really want."

There's also scope for cost savings on a number of fronts.

By moving their data into a central, searchable repository, businesses may find they can retire older applications. "We've had customers shutting down thousands of apps," Garber said.

And in examining that data, they may find they're better off not storing it at all. "Some percentage of that information won't have value for the organization, and at $20 per gigabyte for its lifecycle, it has a cost."

So is evaluating which information falls under the GDPR going to be a make-work project, as thousands of terminal operators repeatedly choose to "protect," "ignore" or "delete" as they click through customer records and email files?

Well, no. To start with, it's pretty obvious that a database of email or physical addresses, or credit card numbers, is going to be sensitive information, so much of that process can be automated.

"The big deal is unstructured information. It requires context," Garber said.

HPE, like a number of other companies, already has software tools that can make this kind of assessment, looking out for clues in email or other records that indicate the presence of credit card or bank account numbers and the like.

On Thursday, HPE began explicitly packaging some of its existing tools as solutions to particular GDPR compliance tasks, a move that will simplify matters for worried customers -- and perhaps bring HPE a little extra revenue in the run-up to 2018.

Its Personal Data Assessment tool will automatically identify information that falls under GDPR rules, while Secure Content Management will apply the appropriate policies to the data once assessed. It even has a Litigation Readiness and Response tool for dealing with investigations and lawsuits.

The portfolio is modular, leaving companies free to pick and choose whether to buy some elements elsewhere or to roll their own regulatory response.

Whoever businesses intend to hand the GDPR compliance tasks to, Garber thinks they should start right away.

"Many of these solutions will take some time to set up," he said.

And with a potential €20 million fine riding on the outcome, "If they wait until 2018 to switch the technology on, it will be too late," he said.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Peter Sayer

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?