GDPR Impact on Security Ecosystem to Be Examined in ISC West Session
The General Data Protection Regulation will affect organizations in the European Union, but the data privacy law can also have far-reaching impact on North American-based systems integrators, monitoring firms and manufacturers.
A GDPR rule stipulates that companies must notify data protection authorities about a data breach within 72 hours of first becoming aware of it.
If you’re a business decision maker not privy to implications of the soon-to-be enforced General Data Protection Regulation (GDPR), then count yourself among a rather vast lot.
The fast approaching regulation is a European Union initiative, although aspects of which can also affect North American-based companies. As of May 25, GDPR will be the primary law regulating how companies protect EU citizens’ personally identifiable information. The regulation authorizes baseline standards for businesses that handle EU citizens’ data with the intent to safeguard the processing and movement of personal data.
The rules encompass video surveillance data, cardholder information and activities tracked by an access control system, as well as license plate numbers captured by an automatic license plate recognition (ALPR) system.
Noncompliant businesses could be hit with massive fines of 4% of a company’s annual global earnings. And what becomes of the hard-earned trust of your customers? It’s important to emphasize this affects not just companies in the E.U., but whether the data is processed within E.U. borders.
Yet another mandate calls for companies to notify their data protection authority about a data breach within 72 hours of first becoming aware of it. The processor of the data will need to notify customers “without undue delay” after learning of the breach, according to an E.U. document.
Even if you understand the implications of GDPR, knowing where your business’s data resides can be difficult to determine given various organizational silos, such as IT and physical access control systems. And that can mean exposure to GDPR rules.
Help Is on the Way
If you are heading to ISC West do consider registering for a topically relevant educational session that can help make sense of it all: “Countdown to GDPR: Impact on the Security Ecosystem and How to Prepare.”
The panel session will be moderated by Jake Parker, director of government relations for the Security Industry Association (SIA). Parker takes a leading role in the development of the SIA’s legislative and regulatory programs. He will be joined by two panelists: Susan Ross is an attorney with Mitchell Silberberg & Knupp, who chairs the firm’s Cybersecurity and Privacy Practice Group. She also chairs MSK’s Regulatory Practice Group, which focuses on import/export and related issues, including compliance programs. Lora Wilson is director of marketing, North America, for Axis Communications, a global provider of IP-based video surveillance and access control solutions.
Learning objectives for the session are listed as such:
- Provide an overview of the GDPR, its purpose, scope and deadlines.
- Identify the compliance requirements under GDPR applicable to security firms, both for protecting customer and employee data, and protecting personal data collected by security systems.
- Examine the product features and technology tools manufacturers and integrators are utilizing to achieve compliance.
For more information and to register, go here.
ISC West can also provide the opportunity to have substantive discussions about GDPR with vendors who do business in the EU. The idea is you should expect they can assist industry stakeholders with GDPR compliance and related factors. If they can’t speak meaningfully about the regulation, then I have two words for you: red flag.
Genetec is one such technology provider that will be actively engaging ISC West attendees about GDPR obligations. The company announced recently it will showcase on-premises and SaaS end-to-end solutions that can help organizations achieve GDPR compliance related to processing video surveillance data, as well as access control and license plate recognition systems.
“With the deadline nearing, and heavy penalties looming, North American organizations, from big multinational retail chains to small and medium-sized businesses, are seeking strategies that will make them compliant across all their data collection processes, as simply and cost-effectively as possible,” says Christian Morin, vice president of Cloud service s and CSO, Genetec. “At ISC West, we will be engaging our customers and partners in discussions about how to best achieve compliance.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Rodney Bosch, Senior Editor
Although Bosch’s name is quite familiar to those in the security industry, his previous experience has been in daily newspaper journalism. Prior to joining SECURITY SALES & INTEGRATION in 2006, he spent 15 years with the Los Angeles Times, where he performed a wide assortment of editorial responsibilities, including feature and metro department assignments as well as content producing for latimes.com. Bosch is a graduate of California State University, Fresno with a degree in Mass Communication & Journalism. In 2007, he successfully completed the National Burglar and Fire Alarm Association’s National Training School coursework to become a Certified Level I Alarm Technician.
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
