Research Manager, European Imaging, Printing and Document Solutions
The EU General Data Protection Regulation (GDPR) is now in force with a transition period until 25th May 2018. IDC research shows that many organizations appear to have little or no understanding of the regulation, its scope, timeline or impact, despite the risk of huge penalties of up to 4% of global turnover or €20 million, (whichever the greater), as well as potential lawsuits, suspension of personal data processing and damage to reputation.
GDPR compliance is required by any organization – regardless of their location – that processes the personal data of “data subjects” (the natural person to which the data relates) in the EU. Processing of personal data refers to what can be done with data i.e. data activities such as: requesting, collecting, storing, searching, forwarding, deleting etc. The definition of processing is very broad: it is best to think of any action that ‘touches’ personal data as being in scope. Outputting of personal data including printing, copying, faxing and scanning is therefore considered as processing and therefore is subject to GDPR regulation.
Recent IDC Western European research shows that approximately 40% of respondents responsible for the purchase and management of printing and copying devices are completely aware of GDPR and its timescales. However more than 60% of those respondents were unaware that GDPR includes print which considering the print focus of their roles gives cause for concern.
Overall GDPR awareness is growing albeit slowly and there is clearly a long way to go for many organizations. You may think that your organization is on track and working diligently towards full compliance in time to meet the 2018 deadline. But don’t overlook your print infrastructure as it could be the chink in your armour that will mean non-compliance and cost you dearly. If you are a print provider there is clearly an opportunity for you to ensure that your customers meet the print requirements that help will help them attain GDPR compliance.
If you want to know more about IPDS and how it’s complying with EU Regulations, please contact Sharon McNee.