The challenges of the EU's data protection act
The new European Union General Data Protection Regulation (GDPR) is prompting a sea change in the way organizations work with personal data, including information contained in email and contact databases. This data protection law gives EU residents the ask companies for any information that has been stored about them. It also allows them to withdraw their consent to its use, in which case organizations would be obligated to destroy the information.
The penalties for failing to comply with this data protection act are steep – as much as £20 million or 4% of total yearly worldwide revenue. And these GDPR requirements affect any company doing business with you residents, no matter where the organization is based.
The deadline for implementing changes required by the data protection act is May 2018, providing companies with very little time to transform the way they manage personal data in order to achieve GDPR compliance.
How the data protection act impacts email
The data protection regulation will change the way organizations manage and archive email. When collecting personal data via email, organizations will have to get explicit consent from users, asking users to opt in rather than giving them the opportunity to opt out. The data protection act also impacts the way that companies manage backup and archived copies of email – administrators will need the ability to quickly recall and erase all email data related to a particular person.
Mimecast simplifies compliance with the EU data protection act
Mimecast offers SaaS-based services for email archiving, security and continuity that can make compliance with the data protection act easier and less costly.
Protecting user data from theft will be an important part of complying with the data protection act, and Mimecast email security services provide comprehensive defenses against a cyber security attack. Mimecast's services provide state-of-the-art protection against viruses, malware and data leaks as well as advanced threats like impersonation attacks and spear-phishing that may be used to get unauthorized access to user data.
Mimecast also offers cloud-based multipurpose archiving with fine-grained control that lets organizations respond quickly to opt-out requests. When individuals withdraw consent and ask that their data be erased, Mimecast makes it easy to isolate and delete emails from the archive with smart tagging, fast e-discovery and other administrative tools.
Mimecast reduces the cost and administrative burden of complying with the EU data protection act. Administrators can manage security and archiving services from a single console, accessing archiving logs to help audit compliance data protection act requirements. And as a cloud-based solution, Mimecast can be implemented quickly and requires no expense for hardware or software.
Learn more about complying with the data protection act with help from Mimecast.