An Answer To The GDPR Risk

In the Loyakk series of 3 articles, we have looked at the impact of GDPR on business and how blockchain can help business to become compliant. In these articles, we investigated what GDPR means for business and why it was introduced. We have highlighted some of the high profile companies who have fallen foul of the regulations and have drawn attention to the size of the fines meted out to them.

Most importantly we have stressed the huge advantages that blockchain brings to business and how with the help of the Loyakk Vega Enterprise Relationship Management platform business can be helped to become GDPR compliant and companies can retain incredibly precise and far-reaching control over all their data.

One of the most worrying conundrums for a business is how to ensure that it complies with GDPR (General Data Protection Regulations).

So why is this so important?

A little matter of a fine of up to €20 million or 4% of global revenue — whichever is higher!

So there you have the answer and the reason why enterprises are throwing such huge resources in this direction.

The Cost To Business

So, since GDPR regulations came into force in May 2018 there have been a number of high profile contraventions which have served to keep enterprise eyes riveted on this area.

Facebook has been in the news in the recent past for one thing or another and its reputation has been tarnished with regard to its obligation to its customers. It would appear though that the fine of £500, 000 was a real let-off given that the Cambridge Analytica scandal happened before the GDPR regulations came into force.

Perhaps an even bigger breach occurred when US credit reporting company Equifax was compromised and 15 million UK citizens had their personal data hacked. The ICO (Information Commissioner’s office) levied a fine of £500,000 which, together with that of Facebook is the biggest fine imposed so far. The UK figures would appear to be dwarfed if one also takes into account the fact that more than half of all US citizens had their social security numbers divulged in the same hack.

The CEO of Equifax Mark Bergor recently admitted to a congressional hearing that he personally had been a victim of identity theft 3 times over the last 10 years!

One more high profile hack on a similar level of penalty fine was that of Talk Talk, the telecommunications company. Talk Talk was fined £400,000 when customers had their bank account numbers and sort codes exposed to hackers. One positive that can be taken from this particular case was that at least the public was informed about the hack within the first few hours of it taking place — the same not being able to be said in many other instances.

Just a few more high profile names to have been hit with fines following data breaches include Keurboom Communications and The Carphone Warehouse (£400,000 each) and Uber (£350,000). Even the Crown Prosecution Service was fined £325,000 following the loss of recordings of child sex abuse interviews.

Some of the industries that will be most affected

Obviously, any business based in Europe is affected by GDPR but also any business that transacts with European companies is also affected. However, some businesses are affected more than others due to the nature of their interactions with customers.

The health sector is an industry with literal masses of patient data which needs to be securely kept. However, given the historical use of paper records going back many years, medical centres are faced with the task of digitising them for greater safety and security. Nonetheless, once digitised the medical authorities then have the problem of a centralised database that runs the risk of hacks and data loss.

There does also appear to be a conflict of interest here given that medical records need to be kept in order to ensure a patient’s history is complete, whereas the patient’s ‘right to be forgotten’ gives them the option to have this data erased.

GDPR is supposed to put the individual in control of their personal data and so a huge increase in potential patient data requests is providing the industry with much food for thought.

The finance sector will already be a long way down the road to compliance given the sensitive nature of the client data that finance companies hold. However, the constant need to share client data with third parties means that these companies need to reassess their processes on a continual basis which is, in fact, another of the requirements of GDPR.

It may well be necessary for a company to employ a DPO (Data Protection Officer) in order to constantly monitor compliance and to act as a point of contact for individuals who desire more information on how their data is treated.

The automotive industry is another sector where personal data is propagated across many channels. Just one example of an area of particular concern is that of (OBD) Onboard Diagnostics. This is where increasingly large amounts of data are captured such as destinations and phone contacts. These are wirelessly captured and so GDPR compliance would mean a customer opt-in to this use of their data.

Other software is being introduced into cars as technology advances and therefore the capture and analysis of this data need to have governance and privacy structures built in from the beginning.

Vulnerabilities of the ‘value web’

The various entities that interact in these industries come together to form business relationship networks or ‘value webs’. These multiple parties all have a part to play in the production of a product or service. However, as the value web grows and more third-party stakeholders join, the vulnerability of the data increases.

Imagine the sheer volume of data transmitted across a value web between so many different interested parties. Once a business’s data leaves the comparative safety of their firewall it can then follow a myriad of paths and chances are that the business could well lose track of exactly who has access to what.

Loyakk provides answers

Loyakk is a large scale data solutions company which has existing clients among blue chip enterprises. In answer to their client’s need for vastly superior data security and privacy plus an enhanced enterprise relationship model, the Loyakk Vega Enterprise Relationship Management platform is being developed for blockchain.

The nucleus of the Loyakk Vega platform is the LYKK token. This token wraps all data that comprises any interaction between customers, channels, partners, distributors and vendors.

Within the token’s smart contract resides built-in business rules, relationship structures and legal agreements. This enables a business to share sales data, deals data and streamline processes that exchange value data.

Blockchain adds immutability and transparency to the equation giving an enterprise the power to audit its data in a thorough and timely manner. No matter where the data travels it can be tracked and audited.

Permissioning can also be built-in to the token and this allows the enterprise to securely protect each data interaction by setting exactly who is allowed to see it and also to interact with it.

Conclusion

Loyakk is looking to disrupt business use of data across the board. In just the 3 industries mentioned above, Loyakk can transform processes and maximise value webs. The Loyakk Vega platform would enable the health industry to keep patient data private as online services continue to grow. In the finance industry, streamlined processes and transactions will help to cut bloated overheads. While in the automobile industry the development time of new projects can be cut drastically.

In fact, with the Loyakk Vega platform, coping with GDPR compliance can be looked at as opening possibilities and advantages rather than just being forced to comply with overbearing regulations. The enterprise that uses this platform can have real-time and accurate data that is only stored as long as it is required, is totally accessible and completely secure.

It can not be argued that General Data Protection Regulations were absolutely essential in order to protect the rights of the individual. A platform like Loyakk Vega that addresses these regulations while at the same time providing such an effective business relationship model deserves its place in the vanguard of the enterprise blockchain revolution.