The General Data Protection Regulation (GDPR) imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents.  It is not only about compliance with security standards, such as levels of encryption, but also how you ask for and maintain data about your customers, employees and vendors.

Blue Net customers have asked us to weigh in on these rules as they relate to the way their technology interacts with their customers, employees and vendors.

The rules are very broad and every company will have different aspects of the regulations that apply to their business. As such it is impossible for Blue Net to offer a blanket statement that indicates if the technology services provided by Blue Net meets the regulations.

However, Blue Net is ready to answer questions about how the security, consent and accountability works with your specific deployments.

If you are working with a consulting firm who specializes in regulatory compliance, you should have them contact Blue Net about areas where they need clarification as to how the technology is deployed and current security configurations.  If you are just getting started with GDPR you can begin by reading a few the resources noted below to understand which of these regulations apply to your business practices.

https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted

https://www.dataprotectionreport.com/wp-content/uploads/sites/489/2016/05/GDPR_Checklist_Norton_Rose_Fulbright_May_2016.pdf

https://dma.org.uk/uploads/misc/58f881147dcd0-gdpr-checklist-copy_58f881147dc1e.pdf