In the short time since the European Union (EU) introduced its current data protection directive in 1995, a technological revolution has irreversibly changed the way we gather, store and share information.
The proliferation of the internet and cloud computing is creating an unprecedented level of complexity for businesses that manage personal data in multiple regions across Europe. This has led to concerns over the widening gap between data protection rules and ever-advancing technology, which the European Commission aims to address through reform that will transform the way personal data is protected and regulated across the EU.
The new data protection regulation sets out to create standardisation and present growth opportunities for European businesses by making it less complex to manage the differing regulations across borders.
However, the proposed reform will require businesses to be more responsible and accountable in the way they handle customer and client data, presenting challenges for the way they manage their documents – and the security of the data within them.
The EU expects the digital economy to deliver up 4% growth in Europe by 2020. Clearer, modernised data protection rules are essential to enable this growth.
Ongoing concerns about security make it difficult for businesses operating solely in the online space to prosper, and restrict e-commerce opportunities for other businesses.
Moreover, the current patchwork of national data protection requirements is a real barrier to expansion across markets for all businesses, and in particular for small and medium sized enterprises, most of whom lack the resources to cope with the legal and administrative burdens involved in dealing with the different data protection rules of individual EU member states.
The reform aims to unify data protection requirements and eliminate the duplication required to ensure compliance in multiple markets, making it easier for businesses operating across territories. Companies would deal with a single data protection authority in the country where they are based.
As well as facilitating cross-border investment and e-commerce, this would eliminate the uncertainty caused by changes to data protection rules at a national level, which often create vastly different standards across different EU countries.
But are businesses ready? Under the proposals, businesses would need to obtain explicit consent before processing personal data, respond to customer requests for their data to be deleted in a timely manner, and be ready to smoothly transfer personal data to another service provider if asked to do so.
Research conducted by Ricoh reveals that this will be an uphill battle for many. A surprising number of companies - 57% - today do not have a fully developed and implemented strategy for managing business-critical document processes.
To comply with any new legislation, many businesses across Europe would need to optimise the document processes that underpin information exchanges within their organisation. And for many, the biggest question is where to start.
Businesses across Europe would benefit from an impartial review of document workflows from a trusted expert, to ensure they are best positioned to both take advantage of, and ensure compliance with, the EU’s new data protection regime while allowing them to focus on their core business.
Strict governance and audit trail reviews, carried out regularly, are the best insurance for businesses against potential data crises which may result in severe penalties, damaged reputation and loss of clients.
The provisions of the data protection reform are currently being hotly debated in the European Parliament. With over 3000 amendments tabled, the final shape of the new regulation is still unclear.
What is clear, however, is that the reform will create a much needed incentive for European businesses to be more responsible and accountable in the way they handle customer and client data.
As such, it has never been more important for organisations to secure each layer of their document workflow, from document creation through to distribution, access and output.
Companies that adapt quickly to the new rules will not only avoid costly data breaches, but also benefit from better information sharing, giving them a leading position in the race for consumers’ trust and ultimately their business.