Illustrative stock photo (source: AP/TASR)
As the deadline for compliance with new EU privacy rules quickly approaches, companies and organisations in Slovakia are rushing to get their systems and employees prepared for new duties. Although companies had plenty of time to prepare for the new regulation and risk hefty fines for breaching the new rules, surveys indicate that several companies will fail to fully comply with the new EU privacy rules in time.
What is the GDPR?
The General Data Protection Regulation (GDPR) is described as the biggest overhaul of online privacy since the birth of the internet. The EU directive, accompanied by new national data protection legislation in Slovakia, introduces unified rules across the board on how organisations create, capture, store and share personal information. This gives ordinary citizens easier access to the data companies hold about them and obliges organisations to obtain the consent of people they collect information about.
The regulation was adopted on April 27, 2016. It becomes enforceable on May 25, 2018 after a two-year transition period, along with the Slovak national legislation that covers fields not covered by the GDPR. When the GDPR and the new data protection law take effect, they will replace the previous directive and legislation.
As of May 25, each company or organisation handling the data of EU citizens, including those beyond the European Union (EU), must follow the rules and requirements of the GDPR. Those who mishandle the personal data of customers, users, employees and associates will face huge fines.
The General Data Protection Regulation (GDPR), described as the biggest overhaul of online privacy since the birth of the internet, comes into force on Friday, May 25. The directive, accompanied by new national data protection legislation in Slovakia, introduces unified rules across the board for how organisations can create, capture, store and share personal information.
“The readiness of companies for GDPR seems to be rather low, whether there is also a discussion on what it means to be ready,” Radoslav Sedlák, senior manager at the Softec software company, told The Slovak Spectator. “Companies are diverting from their original ambitions to achieve full compliance with this legislation and are searching for controlled risk and ways to spread investments and preparation works in time.”
Surveys indicate a rather postponed implementation of the GDPR in Slovakia.
TÜV SÜD Slovakia, a certification authority that provides inspection and certification services to confirm the compliance of companies with the GDPR, conducted a survey at the end of 2017. They found as much as 36 percent of companies at the time had not started preparing for the GDPR and more than 28 percent were not even acquainted with the new legislation.
“These are alarming numbers, but we assume that the situation has improved since that time,” Martin Tichý, chief operating officer at TÜV SÜD Slovakia, told The Slovak Spectator.
In general, experts estimate that bigger companies and branches of international companies are better prepared for the GDPR because they either have enough internal experts, IT or legal, or because the proper compliance with the GDPR is a priority of their parent companies.
Experts also expect a more-or-less smooth implementation in sectors that are already quite significantly regulated and must meet high standards of information security. These include the financial, telecommunication and IT sectors.
