CyberCrunch™ News: Advice on safe, secure data destruction and electronic recycling
Welcome to our monthly newsletter, a guide to protecting your organization from data breaches with advice on data destruction and recycling.
This month, we’ll look at how data privacy laws could become stricter in the US following GDPR and a newly passed law in California.
If your organization is based in Pennsylvania, come on down to our fall recycling events where you can safely dispose of your electronic equipment. There are links to all our events in this month’s newsletter.
If you would like help or advice about the safe, secure disposal of sensitive information, or any information about recycling your electronics more generally, visit us at https://www.ccrcyber.com
Is GDPR leading to stricter data privacy laws in the USA?
Over the last year, data privacy has moved from a niche topic to a very important one for organizations everywhere.
The EU’s General Data Protection Regulation (GDPR), which came into force on May 25th, 2018, covers data held on any EU citizen and enforces new accountability for organizations processing personal data.
Now, the California Consumer Privacy Act 2018 (AB 375) has been passed, on June 29th 2018, where a similar set of rules will affect organizations with data on Californian Citizens.
Data breaches are on the rise
Since GDPR came into force in May, there have been more than 1,100 personal data breaches in Europe, according to the Data Protection Commission, a significant increase on the average of 230 reported each month in 2017.
GDPR has been enormous headache for organizations’ legal, HR, and IT departments, and it affect any US business possessing European data.
The increase is the result of businesses struggling to keep up with the new requirements to stay compliant in how they store, process and delete all HR data.
- Breaches cost organizations $20 million or up to 4% of global turnover
- Individuals have easier access to their own data and the “right to be forgotten”
- Individuals have the right to know if their data has been hacked
- Employers, in certain circumstances, must to appoint a data protection officer
- The processing of children’s data requires consent
However, there are now signs that lawmakers have been inspired by GDPR to roll out similar laws in the United States. Stricter data privacy laws may soon affect even businesses that don’t possess European data.
Leading the way on this is California, which recently passed a law that could have more repercussions than GDPR – the strictest data privacy law in the country.
CCPA is similar to GDPR
The California Consumer Privacy Act (AB 375), which comes into force in January 2020, is not as strict as GDPR but takes a broader view on private data.
Under the California Consumer Privacy Act
- Consumers may demand to see all the information a company has saved on them.
- Consumers may Demand to see a full list of all the third parties that data is shared with.
- Consumers may sue companies if the privacy guidelines are violated, even if there is no breach.
- Companies could be fined up to $7,500 per record for non-compliance.
Make sure your data privacy is watertight
More data privacy laws such as these are likely to follow in the US. If your data relates to European or Californian citizens, ensure you are complying with the new laws. If you are sure this doesn’t apply to you, you should still take action right now to avoid running into problems later by taking some simple steps.
- Ensure your personal data is erased once you no longer need it, such as by destroying hard drives containing records.
- Ensure all personal data is traceable
- Ensure your data is organized and designated to someone to oversee
If you would like help or advice on this topic, please contact us. At CyberCrunch™, we can help you follow all state and federal standards, and provide safe and secure recycling and data destruction to keep your customer’s sensitive information safe.
Recycle your electronics with Cybercrunch™ this fall
Pennsylvanian residents and businesses can safely dispose of their unwanted electronics and computer equipment at our recycling events this fall.
Taking place in both the Pittsburgh and Philadelphia areas, our events are open all Pennsylvania residents and small businesses and will feature on-site hard drive and cell phone shredding as well as a whole host of other options. Any household electronics with a plug will be accepted.
For the following events, you are welcome to turn up on the day:
For the following events you need to book online before arriving: