Stitcher for Podcasts


Episode Info: Welcome to Season 1, Episode 011, of Web and BeyondCast, “GDPR for Small Business.” (If you’re reading this in a podcast directory/app, please visit for clickable links and the full show notes and transcript of this cast.)

According to Verizon’s 2018 Data Breach Investigations Report, “58% of malware attack victims are categorized as small businesses.” And, in the 2017 Cybercrime Report by Cybersecurity Ventures, they note that “cybercrime damages will cost the world $6 trillion annually by 2021.” It’s with this general risk in mind that the European Union started the process of updating its already-existing Data Protection Directive from 1995, and enacted the General Data Protection Regulation. Or, as some of you might have heard it as its acronym, GDPR. I’ll call it GDPR for the rest of this episode.

I’ve gotten many questions about this topic, so in today’s episode, I’m going to do a deep-dive into:

What is GDPR?
Who Does GDPR Apply to?
What Are the Key Provisions of GDPR for Small Business?
What Actions Should You Take To Be and Stay GDPR-Compliant?

Disclaimer: None of this should be taken as legal advice. I’m trying to give an explanation of a highly complex, evolving extraterritorial law, and additional laws, and if you have specific questions about your situation and the laws that impact your business, you should seek licensed legal counsel in your jurisdiction.

If you’d like to discuss this episode, please click here to leave a comment down below (this jumps you to the bottom of the post), or feel free to contact me here about any other questions or comments.

In this Cast | GDPR for Small Business

Ray Sidney-Smith, Host

Show Notes | GDPR for Small Business

Resources we mention, including links to them will be provided here. Please listen to the episode for context.

Key Terminology:

Subject – a living, natural person (so corporate/business entities, governments or anything other than a living human being don’t count under GDPR)

Personal Data – any data that can identify a subject directly or indirectly, so some common forms of Personal Data are a living person’s name, address, phone number, date of birth, and tax identification number. But, it encompasses any data that fits this category. Anonymous data does not apply.

Personal Sensitive Data, or Sensitive Personal Data – a class of Personal Data, that should be subjected to a higher level of protection, includes “data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.”

Data Controller – a person or entity “which…determines the purposes and means of the processing of personal data”

Data Processor – a person or entity which processes personal data on behalf of a Data Controller

Key Provisions: Data security versu...