News Feed Item

Data breach knows no borders: What small businesses need to know about international privacy law

For National Small Business Week, Shred-it is reminding small business owners they could face strict new international privacy rules next year – and many don't even know it.

OAKVILLE, ON, Oct. 12, 2017 /CNW/ - As the Internet makes it easier than ever to do business around the world, Canadian small businesses may find themselves increasingly subject to privacy laws in other countries. Yet only one in seven (14 per cent) Canadian small business owners know about the impending General Data Protection Regulation (GDPR), according to Shred-it's 2017 Security Tracker conducted by Ipsos.

In May 2018, the GDPR will introduce sweeping new data protection requirements for businesses that process European Union (EU) citizens' personal data. The GDPR comes with heavy penalties for businesses of any size and in any country – including Canada – that are non-compliant.

Not only are most Canadian small business owners unaware of the GDPR, but many are far from meeting the GDPR's data protection standards. The Security Tracker revealed over a third (37 per cent) of small business owners never audit their company's information security procedures and less than half (45 per cent) claim to have a strong understanding of their legal requirements to protect data.

"In today's globalized business environment, the GDPR will affect not only multi-nationals but also small businesses that have transactions with EU citizens," says Paul Saabas, Vice President at Shred-it. "Even if you're not subject to the GDPR, your small business will benefit from strengthening its information security practices. As more and more personal data is transferred across borders, consumers may start to seek out businesses that meet both local and international privacy standards."

Throughout National Small Business Week, running October 15 – 21, 2017, Shred-it is encouraging small business owners to consider these three tips to help them strengthen their information security practices and prepare for the GDPR:

  1. Know what you don't know
    The first step in becoming compliant with any legislation is to know what data your business processes, where it's stored and what the risks are. Audit both the data your business keeps – whether on hard drives, premise servers or paper files – as well as the data processed by third parties, such as your cloud storage providers. The GDPR mandates regular Privacy Impact Assessments (PIAs) to identify privacy risks in projects or initiatives. Carry out PIAs in the early stages of any project so that data protection is part of your thinking from the beginning.

  2. Educate, inform, coach
    All employees share the responsibility to protect sensitive data and keep your business compliant. The GDPR mandates 'privacy by design' in some cases, which requires businesses to build data protection measures into staff training and human resource policies. Get ahead of the curve and start teaching your employees about data protection and information security now. As the saying goes, 'knowledge is power' – and knowledge can save your business from the significant legal consequences or reputational damage of a data breach.

  3. Ask an expert
    When it comes to changes in legislation, don't take your chances – especially with something as important as privacy compliance. Speak to an external legal expert who can help you understand if or how the GDPR affects your business, as well as your requirements for privacy protection in Canada.            

For more information about preparing for the GDPR, visit Shred-it's blog. Also, download the 2017 State of the Industry report to learn more about common information security trends and emerging challenges.

About Shred-it 

Shred-it is a world-leading information security company providing information destruction services that ensure the security and integrity of our clients' private information. Shred-it, a Stericycle solution, operates in 170 markets throughout 18 countries worldwide, servicing more than 400,000 global, national and local businesses. For more information, please visit www.shredit.com.

SOURCE Shred-it

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
DXWorldEXPO LLC announced today that Kevin Jackson joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Kevin L. Jackson is a globally recognized cloud computing expert and Founder/Author of the award winning "Cloud Musings" blog. Mr. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post "Top 100 Cloud Computing Experts on Twitter" (2013) and a "Top 50 C...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER give you detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPO also offers s...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Daniel Jones is CTO of EngineerBetter, helping enterprises deliver value faster. Previously he was an IT consultant, indie video games developer, head of web development in the finance sector, and an award-winning martial artist. Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was jo...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Evan Kirstel is an internationally recognized thought leader and social media influencer in IoT (#1 in 2017), Cloud, Data Security (2016), Health Tech (#9 in 2017), Digital Health (#6 in 2016), B2B Marketing (#5 in 2015), AI, Smart Home, Digital (2017), IIoT (#1 in 2017) and Telecom/Wireless/5G. His connections are a "Who's Who" in these technologies, He is in the top 10 most mentioned/re-tweeted by CMOs and CIOs (2016) and have been recently named 5th most influential B2B marketeer in the US. H...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...