Konica Minolta takes global lead on data protection ahead of GDPR introduction

| 27 september 2017

Ahead of major changes in EU data privacy regulation, the Konica Minolta Group has announced its new Global Personal Data Protection Policy to ensure it remains at the forefront of global best practice in this field. The forward-thinking policy has been announced in advance of the introduction of the EU General Data Protection Regulation (GDPR), which will be enforced from 25 May 2018. Described as the most important change in data privacy regulation in 20 years, GDPR will entail widespread changes for businesses – both EU-based and non-EU-based companies processing personal data from EU citizens – by significantly enhancing the rights and protection of individuals. Konica Minolta’s policy will not only fulfil these requirements, but also exceed them.

As companies ready themselves for the introduction of GDPR, Konica Minolta is welcoming this legislation and maintaining its pioneering role in this area through the worldwide introduction of a data protection policy that exceeds both the standards of the regulation and its immediate geographic scope.

Implemented with immediate effect, the new policy framework of the Konica Minolta Group is key to delivering data protection that is best in the class. As well as being introduced in EU countries – as required by GDPR – the policy will also be applied to Konica Minolta operations worldwide, ensuring that they experience the highest level of data protection no matter where customers are based. Ensuring the effective operational implementation of the policy and ongoing compliance and accountability on a national level, the Konica Minolta Group has appointed a Data Protection Coordination Manager in each country in Europe. These managers report directly to the Managing Director of each of Konica Minolta’s national organisations as well as to Dr Frederike Rehker, who is coordinating these efforts as Data Protection Officer for Konica Minolta Business Solutions Europe GmbH and Konica Minolta Business Solutions Deutschland GmbH in Germany. This central role is a key element in the company’s systematic and strategic approach, expanding its activities into the countries. For complete transparency towards its customers and partners, Konica Minolta is publishing the details of the data protection policy on each country website.

Protection by design and by default

The Konica Minolta Group will implement appropriate technical and organisational measures for ensuring that, by default, only the personal data that is necessary for a specific purpose is processed. Personal data will be collected and processed in compliance with the regulation and in a fair and transparent manner to protect the individual rights of the data subjects. Every effort will be made to ensure the ongoing accuracy of data and, beyond its required purpose, no personal data will be retained any longer than necessary. Furthermore, the principle of Data Protection by design and by default will be followed during the development of new products.

The global data security challenge

Konica Minolta views its leadership in data protection as an important responsibility – not only to safeguard its customers but also to promote a wider awareness among businesses as to the significance of the imminent regulatory changes. According to a survey by IDC[1], nearly 80 per cent of IT decision-makers are either not fully aware of the impacts of GDPR or have not heard of it at all. Furthermore, of the 20 per cent that are aware, only 20 per cent fulfil the new obligations, 59 per cent are still working towards compliance and 21 per cent are not prepared in any way.

At the same time, the need to implement adequate protection for data has never been greater as security threats increase: today, 73 per cent of all global brands, organisations and companies have already been victims of denial of service (DDoS) attacks (often conducted as part of data theft activities) and with more than 3,700 denial DDoS attacks happening each day.[2]

[1] IDC survey 2017: “1 in 4 Companies Have No Clue GDPR is Coming Their Way”

[2] LANLine, 30 August 2017 (German source): http://www.lanline.de/datensicherheit-im-byod-zeitalter/