sobota 30. prosince 2017

GDPR – A legislative milestone for a digital age

PDF soubor s názvem "guide_gdpr_legislative_milestone_en.pdf"
najdete ke stažení na portálu "", na adrese:
Cituji z textu:
"GDPR – A legislative milestone for a digital age BY NEIL THACKER, INFORMATION SECURITY & STRATEGY OFFICER, EMEA FORCEPOINT™ The clock is officially ticking for organisations to get their data protection policies in order now that the General Data Protection Regulation (GDPR) has been approved and is set to replace the previous EU Data Protection Directive. The new regulation will come into effect in May 2018 and will require organisations to put a much stricter focus on data protection. The headline items for organisations that collect or process EU citizen records are: } They must notify their supervisory authority of a data breach within 72 hours. } The subject will have the right to retract consent, request data erasure or data portability. } They may face fines of up to 4% of their worldwide turnover, or €20 million for intentional or negligent violations. These increased sanctions mean it is vital that this new law be fully understood by a number of key stakeholders within the organisation, and that organisations start preparing to comply with the new regulations as soon as possible. There are five key steps to help organisations perform a basic assessment of their current data protection strategy and to identify any potential gaps that need filling prior to a more comprehensive view of the GDPR...."
Příklad nabídky profesionálního poradenství v GDPR:
"THERE ARE THREE CORE AREAS WHERE FORCEPOINT’S SOLUTIONS CAN HELP ORGANIZATIONS MEET THE REQUIREMENTS OF THE GDPR: } Inventorying personal data, whether as part of the initial scoping of a compliance program or to support the operational duties of controllers, processors or responders, including dealing with subject access requests or data incidents. } Mapping personal data flows across the organization that expose broken business processes and unsanctioned IT or highlight supply chain activity that puts critical data at risk. This clear visibility allows organizations to implement management and control of personal data flows using mechanisms such as authorization, policy-based encryption, notification and blocking to mitigate risk. } Leveraging behavioral analytics and risk modelling to rapidly detect high risk employee activity (malicious or compromised) and broken business processes that put critical data at risk, as well as enabling a quick and decisive response, which often lets organizations get ahead of the breach itself."