Effects of the Restrictions
GDPR has changed how businesses conduct their activities, ensuring compliance with the regulations. Companies collect users’ data to improve their operations by serving customers according to their data patterns. GDPR has changed the way companies collect, store and use the information for companies based in the EU and companies that serve EU customers (Regulation, 2018). One effect that GDPR has on global companies is that they have to reevaluate their business processes and operations to comply with the regulations (Tikkinen-Piri et al., 2018). This includes the company process of collecting users’ data and using the information. The companies have to provide their users with a form to fill or tick, giving consent to collect their data.
The form should describe how the company intends to use the information, ensuring that users understand their consent. Another effect of complying with GDPR, companies have to implement additional security measures to protect data from a data breach. Companies will need additional resources to implement more security measures meaning it will cost a lot more money to comply with the regulations (Tikkinen-Piri et al., 2018). Another effect is; it interferes with the innovation process because companies rely on users’ information to produce innovative products that users need (Tikkinen-Piri et al., 2018). It will take long for companies to explain what they are doing with the information, which does not promise users will consent to the company using their data.
Potential Outcomes of the US Instituting the Regulations
The United States should consider bringing its laws into an agreement with the EU’s GDPR. This will help the country harmonize its data privacy laws that are different in different states. The US has focused its data protection laws on medical data, financial data, and data that concerns children. These laws do not apply to all industries; hence there is a need for data protection laws that protects users’ data in all sectors for all states. This will ensure adequate data protection for all consumers’ data, reducing data breaches.
Potential outcomes include user empowerment on how companies can use their data, helping to protect users from corporate exploitation. This will give users the power to decide if a company can collect and use the data educating the users on how companies plan to use the data (Tikkinen-Piri et al., 2018). Another potential outcome is strengthening the US and EU’s trade relationship because there will be no restrictions limiting companies interacting with each other. This would be beneficial for companies because they will only need to apply one security measure instead of several security measures to comply with the different regulations in various countries that the company operates in (Goddard, 2017). Another potential outcome is a reduced number of data breaches because the regulation advocates for tighter security measures for users’ data reducing vulnerabilities that attackers may use to gain unauthorized access.
Reflection on Key Takeaways
The key takeaways from this course include regulations that companies have to follow to protect users’ data. As an IT practitioner in a company, I should identify regulations that the company must comply with to keep users’ data safe. This will help me identify gaps in the implementation of the regulation and what the company should do to eliminate the gaps to ensure the company complies with the regulations. Another key takeaway from this course is I learned the different cybersecurity methods that hackers use to attack companies’ networks and how to prevent the attacks ensuring that users’ data is safe from being stolen or misused.
References
Goddard, M. (2017). The EU General Data Protection Regulation (GDPR): European regulation that has a global impact. International Journal of Market Research, 59(6), 703-705.
Regulation, G. D. P. (2018). General data protection regulation (GDPR). Intersoft Consulting, Accessed in October, 24(1).
Tikkinen-Piri, C., Rohunen, A., & Markkula, J. (2018). EU General Data Protection Regulation: Changes and implications for personal data collecting companies. Computer Law & Security Review, 34(1), 134-153.