On March 1, 2021, of Distribution of Personal Data of Russian Citizens without their Special Consent came into force. Operators are now required to delete personal data at the first request of their owner. Citizens can demand that any online resource (website, social network, messenger, etc.) stop distributing personal data. The resource administration will have three days to consider the application and make a decision on it. If after three days the resource continues to disseminate the data, the citizen has the right to file a lawsuit.
What measures should Russian businesses take to comply with the law and avoid fines?
To comply with the GDPR, organizations must implement the most effective and rigorous data management practices and security policies. An important first step in this direction is to understand where poland mobile database how the company collects, uses, and stores personal data (on the organization’s servers or in the cloud), which systems use this data, and who has access to it. Some CIOs believe that applications are relatively easy to manage, and the main problem is unstructured data, which is easily distributed across internal systems and work laptops and therefore often “leaks” to other clouds and client devices.
While it may seem easier to manage structured application data from a GDPR perspective, the proliferation of applications in large enterprises is making this data increasingly complex to manage. Large enterprises must also ensure GDPR compliance for unstructured data stored on servers, email systems, and client devices. This is a huge challenge, as nearly 80% of all data used in business is unstructured. Is it possible to achieve GDPR compliance in a typical modern company that uses multiple, unintegrated products to manage data? It is a tall order, but it is doable.