{"id":4188,"date":"2019-06-27T05:28:57","date_gmt":"2019-06-27T05:28:57","guid":{"rendered":"https:\/\/209.235.70.100\/?p=4188"},"modified":"2020-01-04T05:29:18","modified_gmt":"2020-01-04T05:29:18","slug":"gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing","status":"publish","type":"post","link":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/","title":{"rendered":"GDPR compliance one year on: finding harmony with cloud computing"},"content":{"rendered":"\n<p>The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;<a href=\"https:\/\/www.navisite.com\/blog\/what-are-the-implications-the-gdpr\">written<\/a>&nbsp;about how the regulation enhances existing data protection rules for all businesses handling personal data of EU citizens and extends responsibilities from data controllers to also cover data processors. One year on from its implementation, what has changed?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Impact of the new regulation<\/h2>\n\n\n\n<p>Prior to the GDPR coming into force, there was a flurry of activity by businesses keen to demonstrate preparations were being made, opt-in emails were (often unnecessarily) sent to subscribers and press releases issued. However, due in part to the complexity of the regulation, many companies were in the end unable to meet compliance requirements; the&nbsp;<a href=\"https:\/\/iapp.org\/resources\/article\/iapp-ey-annual-governance-report-2018\/\" target=\"_blank\" rel=\"noreferrer noopener\">IAPP-EY Annual Governance Report 2018<\/a>&nbsp;indicates that around 50% of businesses (amongst those who responded to its survey) had been unable to achieve GDPR compliance by the deadline and, worse still, almost a fifth claimed that full compliance was impossible. The EU published an&nbsp;<a href=\"https:\/\/ec.europa.eu\/commission\/sites\/beta-political\/files\/190125_gdpr_infographics_v4.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">infographic<\/a>in 2019 which shows a steady flow of complaints made under GDPR and data breach notifications which are required under the legislation &#8211; so clearly it is being invoked.<\/p>\n\n\n\n<p>But even though many companies may still be failing to achieve full compliance one year on, what is clear is that GDPR is now firmly on the radar of those responsible for mitigating business risk. Organisations considering IT infrastructure requirements such as cloud computing facilities often raise the subject of GDPR compliance before making a decision. And they are also very keen to establish cybersecurity credentials of providers, with a view to staving off any data protection concerns.<\/p>\n\n\n\n<p>In terms of fines, the UK has not yet applied a penalty exceeding the previous maximum limit of \u00a3500,000, before GDPR raised this to the greater of \u20ac20 million of 4% of global annual turnover. However, Elizabeth Denham, Information Commissioner,&nbsp;<a href=\"https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2018\/10\/facebook-issued-with-maximum-500-000-fine\/\" target=\"_blank\" rel=\"noreferrer noopener\">noted<\/a>&nbsp;that the \u00a3500,000 fine which Facebook received in the wake of the Cambridge Analytica scandal &#8211; just before the GDPR came into force &#8211; would&nbsp;<em>\u201cinevitably have been significantly higher under the GDPR\u201d<\/em>. The first significant demonstration of the teeth which the GDPR has given to regulators came in January 2019 when&nbsp;<a href=\"https:\/\/www.bbc.co.uk\/news\/technology-46944696\" target=\"_blank\" rel=\"noreferrer noopener\">Google was fined \u20ac50 million by French data regulator CNIL<\/a>, for&nbsp;<em>&#8220;lack of transparency, inadequate information and lack of valid consent regarding ads personalisation&#8221;<\/em>&nbsp;&#8211; part of the decision was due to Google\u2019s use of pre-ticked consent boxes, which highlights the importance of getting even the small details right.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">GDPR and cloud computing<\/h2>\n\n\n\n<p>Managed service providers (MSPs) and cloud service providers (CSPs) are covered by the GDPR. This means that, although their clients are still responsible for ensuring compliance with data protection rules (as data controllers), MSPs and CSPs now share this responsibility (as data processors). Regulatory compliance in the cloud is therefore a joint effort; cloud computing providers should be willing to demonstrate an awareness of the key data protection principles and offer a robust control environment with optimal cybersecurity provision.<\/p>\n\n\n\n<p>Here at Navisite, we regularly evaluate and audit our systems, services and personnel; maintaining certifications for security, compliance and cloud with&nbsp;<a href=\"https:\/\/www.navisite.com\/why-navisite\">over 1,400 certifications<\/a>, so clients can rest assured that we are meeting the highest standards for processes, controls and procedures that help ensure safety and GDPR compliance in their cloud environment. To discuss any concerns regarding compliance with the GDPR and other regulation,&nbsp;<a href=\"https:\/\/www.navisite.com\/contact-us\">get in touch<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":114,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.7 (Yoast SEO v21.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GDPR compliance one year on: finding harmony with cloud computing - Navisite<\/title>\n<meta name=\"description\" content=\"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GDPR compliance one year on: finding harmony with cloud computing\" \/>\n<meta property=\"og:description\" content=\"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\" \/>\n<meta property=\"og:site_name\" content=\"Navisite\" \/>\n<meta property=\"article:published_time\" content=\"2019-06-27T05:28:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-04T05:29:18+00:00\" \/>\n<meta name=\"author\" content=\"Megan Ferringer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@navisite\" \/>\n<meta name=\"twitter:site\" content=\"@navisite\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Ferringer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\"},\"author\":{\"name\":\"Megan Ferringer\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\"},\"headline\":\"GDPR compliance one year on: finding harmony with cloud computing\",\"datePublished\":\"2019-06-27T05:28:57+00:00\",\"dateModified\":\"2020-01-04T05:29:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\"},\"wordCount\":571,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\",\"url\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\",\"name\":\"GDPR compliance one year on: finding harmony with cloud computing - Navisite\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/#website\"},\"datePublished\":\"2019-06-27T05:28:57+00:00\",\"dateModified\":\"2020-01-04T05:29:18+00:00\",\"description\":\"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances\",\"breadcrumb\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.navisite.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR compliance one year on: finding harmony with cloud computing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.navisite.com\/#website\",\"url\":\"https:\/\/www.navisite.com\/\",\"name\":\"Navisite\",\"description\":\"Elevate Your Cloud Journey\",\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.navisite.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.navisite.com\/#organization\",\"name\":\"Navisite\",\"url\":\"https:\/\/www.navisite.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Navisite\"},\"image\":{\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/twitter.com\/navisite\",\"https:\/\/www.instagram.com\/navisite\/\",\"https:\/\/www.linkedin.com\/company\/navisite\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\",\"name\":\"Megan Ferringer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"caption\":\"Megan Ferringer\"},\"description\":\"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"GDPR compliance one year on: finding harmony with cloud computing - Navisite","description":"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/","og_locale":"en_US","og_type":"article","og_title":"GDPR compliance one year on: finding harmony with cloud computing","og_description":"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances","og_url":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/","og_site_name":"Navisite","article_published_time":"2019-06-27T05:28:57+00:00","article_modified_time":"2020-01-04T05:29:18+00:00","author":"Megan Ferringer","twitter_card":"summary_large_image","twitter_creator":"@navisite","twitter_site":"@navisite","twitter_misc":{"Written by":"Megan Ferringer","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#article","isPartOf":{"@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/"},"author":{"name":"Megan Ferringer","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f"},"headline":"GDPR compliance one year on: finding harmony with cloud computing","datePublished":"2019-06-27T05:28:57+00:00","dateModified":"2020-01-04T05:29:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/"},"wordCount":571,"commentCount":0,"publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"articleSection":["Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/","url":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/","name":"GDPR compliance one year on: finding harmony with cloud computing - Navisite","isPartOf":{"@id":"https:\/\/www.navisite.com\/#website"},"datePublished":"2019-06-27T05:28:57+00:00","dateModified":"2020-01-04T05:29:18+00:00","description":"The General Data Protection Regulation (GDPR) came into force on 25 May 2018. We have previously&nbsp;written&nbsp;about how the regulation enhances","breadcrumb":{"@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.navisite.com\/blog\/gdpr-compliance-one-year-on-finding-harmony-with-cloud-computing\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.navisite.com\/"},{"@type":"ListItem","position":2,"name":"GDPR compliance one year on: finding harmony with cloud computing"}]},{"@type":"WebSite","@id":"https:\/\/www.navisite.com\/#website","url":"https:\/\/www.navisite.com\/","name":"Navisite","description":"Elevate Your Cloud Journey","publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.navisite.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.navisite.com\/#organization","name":"Navisite","url":"https:\/\/www.navisite.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","width":1,"height":1,"caption":"Navisite"},"image":{"@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/twitter.com\/navisite","https:\/\/www.instagram.com\/navisite\/","https:\/\/www.linkedin.com\/company\/navisite"]},{"@type":"Person","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f","name":"Megan Ferringer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","caption":"Megan Ferringer"},"description":"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries."}]}},"publishpress_future_action":{"enabled":false,"date":"1970-01-01 00:00:00","action":"","terms":[],"taxonomy":"","browser_timezone_offset":0},"_links":{"self":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/4188"}],"collection":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/users\/114"}],"replies":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/comments?post=4188"}],"version-history":[{"count":0,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/4188\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/media?parent=4188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/categories?post=4188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/tags?post=4188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}