According to every statistic I’ve read, there is still a huge chunk of business owners who have not even read the GDPR yet, let alone done anything about it. To be clear; no matter the size of your business, you have to comply.
The title should actually be more in question form; Did you know that there’s even a difference between being erased and being forgotten?
Article 17 of the GDPR is “Right to erasure (‘right to be forgotten’)“, which suggests they are the same thing. They are not [quite], and I think the only reason the right to be forgotten was added in brackets is because everyone was already calling it that. But it’s just not accurate …enough.
My original title was “Data Security vs Data Protection[…]”, but an unfortunate number of people see these as pretty much the same thing, even interchangeable. Then I chose Cybersecurity instead of Data Security but that doesn’t cover all forms/formats of personal data, so I finally had to settle on Information Security.
As for Data Protection, it’s not, in and of itself Privacy, and so on…