GDPR Changes
From 25/5/2018 companies need to comply and be in line with the GDPR regulations.
Instead of becoming scared and only focus on the regulations, please have a look at what type of solutions you can put in place.
From 25/5/2018 companies need to comply and be in line with the GDPR regulations.
Instead of becoming scared and only focus on the regulations, please have a look at what type of solutions you can put in place.
As a Privacy Officer, you basically need to get control over data flows in your organization, transparency of the processing of personal data, and a way to report to management and the data processing authorities. We do have the solutions in place to answer these needs and as a result your organization thereby not only gains insight into what happens with personal data, but it also proves to your customers and data processing authorities that it takes privacy seriously.
According to a
Ponemon Report,
only 12%
of IT and security staff
know the risk
to their
structured data.
Discovering where you sensitive is located, is a first and an important step but then obviously you need to guarantee that this data is properly protected. GDPR endorses the concept of pseudonymization for data privacy and when supported by the proper technologies, which protect data itself at rest and in use, considers it safe for transfer across borders and in the event of a data breach. We offer a number of solutions in this context – from data masking up to tokenization solutions. We also offer solutions that monitor what happens with your data and allows you act when necessary.
One of the fundamental elements of the GDPR is the Data Subject consent linked to a specific purpose. Nowadays consent is typically managed in a marketing automation or other similar platform. Typically this is an island application and the consent of a particular client is lost when his or her data is being used by marketing, sales or other departments. At that moment you obviously risk of violating the consent requirements as stipulated by the GDPR. You require a solution that lets you manage and govern your customer's consent across your complete organization.
The GDPR data portability, the right to be forgotten, ... require that you also have a single of view on your customers. Creating a single, authoritative view of personal data from disparate, duplicate and conflicting information lets you get control of these data assets across your landscape. Only with a single view and the proper data lineage you can put your customer GDPR requests into effect.