The General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR, EU 2016/679), which replaces the European Union (EU) Data Protection Directive (known as Directive 95/46/EC), is a European privacy law. The aim of the GDPR is to strengthen data privacy and protection for individuals within the EU, both citizens and non-citizens, and to govern the transfer of EU personal data outside of the EU. It becomes enforceable on May 25, 2018.

Does GDPR apply to my business?

The GDPR applies to any organization that processes and holds personal data of EU data subjects, regardless of whether the organization is located in one of the 28 EU member states. The GDPR also applies to citizens of the 28 EU member states, as well as to any individuals transmitting data outside of the EU while traveling within the EU member states.

The 28 EU member states are:

Austria
Belgium
Bulgaria
Croatia
Cyprus
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
United Kingdom

 

Exactly what does GDPR mean to my business?

The GDPR was adopted in April 2016 and adds to the EU’s general policy of protecting citizens’ data. In addition to the notifications of collection and legal ramifications for misuse, there is also a requirement to obtain explicit consent, notify in cases of a hack or breach, appoint dedicated data protection officers and much more. For financial institutions, the new rules will require significant investments in compliance to ensure continuing access to the EU market. The new rules are also pushing firms to pseudonymize personally identifiable information (PII) prior to processing it, meaning that the data can’t be attributed back to a particular person. The pseudonymization of data allows firms to do some larger data analysis, such as assessing average debt ratios of its customers in a particular region, that would otherwise be beyond the original purposes of data collected for assessing creditworthiness for a loan. As defined by Investopedia.com.

 

How does Big Head address international transfers of data?

Big Head’s server bank is Privacy Shield certified to help ensure the proper level of protection for all data that passes through our system. Our server bank complies with EU data protection laws regarding the international transfer of data. Specifically, our server bank is self-certified under the EU-US Privacy Shield and the Swiss-US Privacy Shield, which address the transfer of data from the EU and Switzerland to the US.

 

If I use Big Head’s hosting environment, do I have to comply with data protection laws?

YES, you must comply with data protection laws. When using Big Head’s services, the customer maintains ownership of the Customer Data and controls how such data is accessed and controlled. Because Big Head has no knowledge of the types of data that a customer stores in our hosting environment, all customers are responsible for ensuring compliance with applicable laws and regulations to protect such information.

“I’m just a small business. Why would someone target me?”

Usually, you are not the target. Hackers want to use your website as a vessel to plant malware that allows them to run an operation out of your website. They could be spamming ads, adding pornography links, or phishing for information from others. Nearly one-third of cyber attacks target small business websites and systems.

So don’t take it personally. BE PREPARED.

  1. Make sure your website’s software is current.
  2. Have strong passcodes with letters, numbers and symbols.
  3. Add a Smart Alertz monitor to scan your website every six hours, looking for signs of a hacker’s entry.
  4. Add a personal firewall to your website.

Being aware of how hackers work can help you set up the right defenses against hackers. So now that you know how they can get in, put the right protocols in place to help keep them out.

An excellent article recently published by American Express, “Hackers Gonna Hack: Understanding How Hackers Can Break Into Your System,” discusses how hackers get into secure systems through your computer, WiFi, email and phishing. Having security around your computer is no different than having security around your website.

PLAN FOR SECURITY. It’s a must in today’s cyber wars.

Why do I need to clear or refresh my cache?
Your browser has a folder in which certain downloaded items are stored for future use. Graphic images (such as buttons and icons), photos, and even entire web pages are examples of items which are saved, or cached. When you visit a webpage, your browser checks whether a copy of the files on the page is already in its cache. If so, it saves the visitor some downloading and makes webpages load faster.

There are some situations when bypassing your browser’s cache is preferred. Just clicking the refresh button (or hitting F5) won’t be sufficient in this case, because this reloads the webpage while still using the old files from the cache. You need to refresh your cache first!