What is General Data Protection Regulation (GDPR)? Who has to Comply with GDPR?
Does your organization collect European Union (EU) citizen data? If yes, then you most certainly need to comply. The EU passed this privacy regulation, which includes requirements for protecting personal information, making sure that it stays private, and giving the individual the “right to be forgotten”. The latter may be the most difficult to implement, but we have a solution for that as well. With the deadline soon approaching in mid-2018, the stakes are high: failure to comply with GDPR can trigger fines of up to 4% of a company’s annual gross revenue or 20 million euros.
Many organizations still have not recognized the impact of this regulation and many US companies still have not realized that GDPR applies to them.
We can conduct an assessment to help speed your company’s path to GDPR readiness. The goal of the assessment will be to (1) identify areas of risk, and (2) develop a roadmap for mitigating those risks.
A GDPR roadmap should include three key activities:
- Discover and classify personal data.
- Implement controller and process governance to track where personal data is processed and create an audit trail.
- Manage personal data breaches and notify the organization if and when a breach occurs.
IBM Guardium is uniquely positioned to help you comply with this regulation. Guardium comes with pre-built GDPR accelerators, right out of the box.
“The Right To Be Forgotten” is probably the most challenging part of the regulation to implement. This is best solved with IBM Guardium Data Encryption and the use of cryptographic erasure.
If you feel that your organization may need to comply with this regulation but are not sure, give us a call or drop us an email at info (at) adaptivesystemsinc.com. We can go through a quick exercise to help you determine if it is something you need to worry about.
Hope you enjoyed reading this blog.