Data443 Risk Mitigation Inc (ATDS)

[stockvaper]

Busy Year with Millions in ICO Fines Levied for Data Breaches

"The UK Data Protection Act 2018 (DPA) and the EU General Data Protection Regulation (GDPR) went into effect this year, and the first enforcement actions came sooner than many industry analysts expected. There was a general expectation that GDPR enforcement would not be seen until early 2019, but the first notices ended up being served in late September. The Information Commissioner’s Office (ICO), the UK’s independent authority for both GDPR and DPA issues, was also not shy about handing out maximum and near-maximum DPA fines throughout 2018. These ICO fines are already well into the millions of pounds with most of a month yet to go in the year.

The 10 largest ICO fines to date cumulatively total about £5,000,000. The total fine amount for the year has yet to be tabulated but looks to be in the millions of pounds sterling ahead of the total fine amount collected in 2017."

Read more...
https://www.cpomagazine.com/2018/12/11/busy-year-with-millions-in-ico-fines-levied-for-data-breaches/

Why Does GDPR Matter for The Cannabis Industry?

"GDPR – The Elevator Pitch
Here is why you cannot ignore it. The regulation affects bankers as much as growers, distributors as much as producers and of course the entire ecosystem behind medical production and distribution across Europe and actually far beyond it. Starting of course, with patients but not limited to them. The law in essence, applies to “you” whoever you are in this space. That is why it becomes all that much more complicated in the current environment.

While this is complex and far reaching, however, there are a couple of ways to think about this regulation that can help you understand it and how to manage to it (if not innovate with it).

The first is, to American audiences at least, that GDPR is sort of like HIPAA, the federal American privacy civil rights statute that governs medical privacy law. Except, of course, this being Europe, it is far more robust and far reaching. It touches every aspect of electronic privacy including data storage, retention, processing and security that is applicable to modern life. And far, far, beyond just “patients.”

"Broadly, the legislation, which came into force this year, with real teeth (4% of global revenues if you get it wrong), applies to literally every aspect of the cannabis industry for two big reasons beyond that. Medical issues, which are the only game in town right now in Europe (and thus require all importers to also be in compliance) and financial regulatory requirements."

Read more...
https://cannabisindustryjournal.com/feature_article/why-does-gdpr-matter-for-the-cannabis-industry/

GDPR Compliance Stalls EMEA Acquisition Activity

"A new survey shows that an increasing number of mergers and acquisitions (M&As) are not going through because of concerns over General Data Protection Regulation (GDPR) compliance.

According to a survey of M&A professionals in the EMEA, conducted by Merrill Corporation, the European Union’s (EU’s) GDPR, which went into effect at the end of May, is seen as a major hurdle for M&A deals. In fact, 55 percent of respondents cited the compliance and data protection implemented by target companies as a main reason why a transaction does not happen, while 66 percent believe the regulation will lead to increased scrutiny of the data protection policies and systems, which can delay the entire process.

“The EMEA M&A environment faces a unique set of challenges as it looks to comply with new regulations and privacy requirements,” said Hilary London, general manager of EMEA at Merrill, in a press release. “As we track transactions, it will be very telling how these challenges will impact organizations’ due diligence processes. Streamlining transactions via increased accessibility of transaction data will support greater transparency and enhance compliance, strengthening M&A activity in this market.”

When looking at what can make an M&A deal a success, 65 percent of respondents said the key to successfully managing the process is conducting thorough due diligence. They also expect that, over the next five years, technology will change that process through greater security (63 percent), support of deeper analytical capabilities (61 percent) and simplification of the process (45 percent).

In addition, 70 percent of those surveyed believe technology could allow for simplified and coherent solutions when it comes “to reviewing and analyzing contract text, running multiple scenario analyses and financial modeling (52 percent), and visualizing financial performance data (41 percent).” As far the technology to have the greatest impact, respondents believe artificial intelligence (AI) and machine learning (46 percent), as well as predictive analytics (37 percent), are most likely to transform M&A due diligence in the long run."

https://www.pymnts.com/news/regulation/2018/gdpr-compliance-emea-merger-acquisition/