Call me back

General Data Protection Regulation (GDPR)

In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), comes into effect. It places considerable obligations on organisations with regard to the management of personal data, and gives greater rights and remedies to data subjects. Substantial administrative penalties back the GDPR.

Share this

Let’s talk GDPR

  • DD slash MM slash YYYY
  • :
  • * Required fields
  • This field is for validation purposes and should be left unchanged.

Better protection for EU citizens

The purpose of GDPR is to protect the personal data of EU citizens. It will provide greater assurance of how the information is being used and protected when engaging with services across the globe. As a result, organisations will need to take extra care in how they collect, store and use personal data as well as how they obtain personal consent.

The regulation will encourage organisations to consolidate personal data into a centralised platform to be stored, protected and monitored. When working with customers, some of the considerations we examine are:

  • Discovering the scope and location of personal data
  • Classifying and tagging the data, e.g. ‘PII’
  • Appling appropriate policies and guidelines for personal data usage and sharing
  • Appling security controls, e.g. the use of encryption on personal data
  • Early detection of breaches through unauthorised activity monitoring
  • Providing adequate employee training
  • Incident response procedures and breach notifications
  • Documentation of records and procedures for request

Underpinning all of this is an effective identity management strategy to ensure that personal data is only shared with individuals or organisations that have consent from the data subject.

Get ready for compliance

A high-level approach for organisations to begin preparing compliance with GDPR is as follows:

Discover

Identify the personal data held by your business and where it is kept.

Manage

Govern how this personal data is accessed and used.

Protect

Put in place systems to protect this data and identify vulnerabilities and threats.

Report

Maintain records, manage data requests and breach notifications.

Let’s talk GDPR

Call me back

Allow us to call you about General Data Protection Regulation (GDPR)

  • DD slash MM slash YYYY
  • :
  • * Required fields
  • This field is for validation purposes and should be left unchanged.