• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Compliance & Regulations   »   Compliance guidelines relaxed in the U.K.

Compliance guidelines relaxed in the U.K.

  • Posted on:August 28, 2012
  • Posted in:Compliance & Regulations
  • Posted by:
    Trend Micro
0

Businesses considering getting involved more closely with other tech companies in the U.K. previously ran into issues due to protocols formerly strictly enforced overseas regarding data security. For a time, it was even advised for eDiscovery reasons that U.S. and U.K. companies not store information with the other, as it could make requests difficult to impossible.

Now it looks like the U.K. is getting even looser with its data protection than America, as a recent report from the Register reported. The EU Council of Ministers no longer will require every U.K.-based company to meet full compliance requirements.

Fast and loose

The council's reasoning behind the move toward more lax security requirements is that not all businesses can afford to take the time or divert the funds to meeting full compliance. Handing down fines or other repercussions against these entities could harm the overall health of the company, so the EU decided it would be best to allow these businesses to simply ignore the parts of data protection guidelines that don't work for them.

The General Data Protection Regulation (GDPR) isn't even a year old and already it's being redacted partially. Previously the EU took a strong hand toward the protection and maintenance of personal individual information, but now it is changing the definition of "personal data" in order to make it easier for companies to meet the guidelines. Rather than raising the bar, the GDPR gives technology storage and other vendors permission to relax data security.

Outstanding objections

Not everyone in the U.K. is happy about this move, understandably. The Ministry of Justice (MoJ) has already stated in a report by Out-Law that it wants the EU to reconsider the decision, as it feels it will lead to additional data breaches and threats by creating a false sense of achievement and standards among data security entities.

"The [Commission's] Impact Assessment does not assess the cost of many measures that will have an impact on business," said an MoJ official. According to the source, the MoJ wants all businesses with more than 250 employees to be required to hire a data protection or similar IT specialist. It pointed out that the financial impact on private individuals and public companies would far outweigh initial savings a business would enjoy for not meeting previous EU standards.

Related posts:

  1. Unstructured data leads to mounting compliance costs, study reveals
  2. PCI Council issues new guidelines for the cloud
  3. Need to Know Now: New Cloud PCI DSS Guidelines
  4. PCI council introduces tokenization guidelines

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.