The boom in Big Data is evident with most medium and large companies recruiting data analytics staff. It is no secret that data analytics is a powerful tool that helps companies gain insights from their data. But it also comes with risks.
What Happens if Your Company Loses Sensitive Information?
If a corporation loses your personal information as a result of a data breach, it must follow certain data protection rules.
In most cases, the corporation is required by the Data Protection Act 2018 (GDPR) to notify you without undue delay if there is a severe breach of your personal data that is likely to result in a high danger to your rights and freedoms.
Following a breach, the organisation must determine the likelihood and severity of a risk to your freedom and personal data rights.
The company should inform you of the following:
If a corporation loses your personal information as a result of a data breach, it must follow certain data protection rules.
In most cases, the corporation is required by the Data Protection Act 2018 (GDPR) to notify you without undue delay if there is a severe breach of your personal data that is likely to result in a high danger to your rights and freedoms.
Following a breach, the organisation must determine the likelihood and severity of a risk to your freedom and personal data rights.
How Does Data Protection (GDPR) Impact Data Analytics?
We won’t go into great detail on GDPR because there has already been so much written about it. However, several aspects of the regulation have a specific impact on organisations that gather, store, and process data for analytics (known as a data processor under GDPR) and companies that employ the services of a data processor to benefit from analytics (or data controllers).
As a data controller, you must ensure that you only collect the information you require and that you have a clear consent process in place so that users understand what information is being collected and how it will be used. These users also need the opportunity to opt-in or out of your data storage and processing processes, as well as the ability to manage the data you store, such as the ability to access and request deletion of the information you have on them.
Data processors, such as analytics service providers, have their own duties, which include following to the GDPR’s criteria and ensuring that they and the organisation for whom they provide such services have a Data Protection Agreement in place. They’ll need the resources to back up the rights stated above, so that everyone whose personal information is stored can see it and request that it be withdrawn.
In the event of a data breach, both controllers and processors are responsible for safeguarding personal data and alerting data authorities and any impacted individuals. Furthermore, and this is the worrying part, failure to meet these criteria will result in harsher fines under GDPR.
