The GDPR (General Data Protection Regulation) is not always a welcome measure at many companies. Some will comply, for fear of sanctions rather than as a proactive initiative. However, by securing the personal data of website users, the cybersecurity and data protection aspects of GDPR are proving to be an effective safeguard against cybercrime.
The GDPR is an European regulation in force since May 2018 that imposes binding rules on public and private organizations (companies in most cases) in terms of managing and processing the personal data of users of their internet platforms. The stated objective of the European Union: to secure personal data collected online!
Site managers must therefore now offer strong guarantees to remain in compliance with the GDPR in all circumstances. In France, the National Commission for Information Technology and Civil Liberties (CNIL) recommends six steps to ensure compliance: only collect the data that is really necessary, be completely transparent, organize and facilitate the rights of individuals, set data retention periods, secure the data and identify the risks, and include compliance in an ongoing process.
These are all major principles that need to be implemented and adjusted in the context of each organization and each company, and which concern both external users of sites and employees within a company. For all these reasons, the GDPR is often perceived negatively by site managers and by professionals in particular. However, despite its somewhat heavy workload, the GDPR brings significant advantages in terms of strengthened cybersecurity.