General Data Protection Regulation (GDPR) is HERE. Are you prepared for it?
It’s essential that businesses understand what this means for their operations, especially if they are reliant on personal data.
From today, the EU’s General Data Protection Regulation (GDPR) will be fully implemented with the primary goal to “give citizens back control of their personal data.”Penalties for non-compliance is up to 4% of a company’s annual global turnover.
Despite the obligations for businesses to strengthen their data protection practices in relation to the storage and processing of personal data – research from Kaspersky Lab found that 20% of IT departments still have little or no awareness of GDPR.
What is GDPR?
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and is designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy. See http://www.eugdpr.org/ website for full details.
What do I need to monitor?
It’s important that companies take an approach that scans data in all of its forms and states, including on workstations, servers, websites, and removable storage devices, as well as any data that is being hosted, migrated, and managed in cloud-based environments.
In addition to data discovery and classification, these technologies are recommended for GDPR compliance: Access Control, Identity Management, and Privileged User Management
What constitutes personal data?
Any information related to a person or ‘Data Subject’, that can be used to identify the person. It can be anything from a name, photo, email address, bank details, social networking posts, accounts held on websites or a computer IP address.
The GDPR monitors and inspects each partner executing in website browsers and mobile apps on a continuous basis. Through unparalleled use of highly-sophisticated user profiles, the service detects non-compliant cookies, pixels and other data technologies, such as:
- Actionable information on each data technology used by the site or app: type, function, expiration date as well as vendor name, description and contact information
- Violation resolution, which immediately remediates any unauthorized or noncompliant data collection
- Database of all authorized third- and fourth-party data collection partners and their approved scope of activity
Do you have customer data that is collected online through websites, induction systems, hosting, cloud storage or social media?
The EU General Data Protection Regulation is one of the strictest and far-reaching data protection regulations ever passed. With our website hosting and software development services we can provide compliant systems that fully meet data protection laws.
All of our systems are in house. We host on our own servers, which are physically located at our main premises. This gives us ultimate control and ensures an unrivalled up-time coupled with cloud fail-overs to ensure security. Our team of software specialists can optimise your sites compliance.
Contact our team on firstname.lastname@example.org , or call us on 01724 376002 we’ll be happy to help.
Organisations will face heavy fines for non-compliance from today.