Risk, Security and Compliance Audit Review
The EU General Data Protection Regulation (EU GDPR) is new legislation that provides a single, harmonised data privacy law for the European Union. With the increasing risk of data breaches from cyber attack, the EU GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states. UK organisations have until May 2018 to comply with the new law, or potentially face fines of up to 4% of annual turnover or €20 million.
GDPR COMPLIANCE SIMPLIFIED
For most organizations, gathering, processing, and exchanging personal data is a commonplace, daily exercise. Great advancements in technology and an increasingly globalized environment over the past 20+ years have enabled a much higher rate of data processing, data exchange, and international transfers of personal data. This data revolution introduced new challenges in matters of personal data protection. Recognizing the shortcomings of the then-current regulation, European Directive 95/46/EC, the European Commission has passed new legislation—the General Data Protection Regulation (GDPR). The overarching goal of the GDPR is to strengthen and unify data protection for all individuals within the European Union (EU).
Warrior Networks GDPR Compliance Solution
Warrior Networks Provides Automated Compliance Support for the GDPR.
The GDPR Compliance Module ensures that you meet your compliance needs and helps to bolster your security operations program, saving you time and money.
With the GDPR Module, you’ll be able to monitor and protect personal data in your environment.
Compliance Module Features:
- Pre-built AI Engine rules and alerts mapped to GDPR articles
- Highly customizable and flexible visualizations via dashboards
- Fast and granular customization capabilities to fit your organization’s unique IT environment and policies
- Robust case management and automation playbooks to enhance security workflow
- Predefined reports to easily document evidence of compliance
The GDPR legislation is a daunting document with 99 Articles and 173 Recitals that outline the new, comprehensive standards.
This regulation can be summarized into seven equally-weighted principles:
1. Lawful, fair, and transparent processing: Explicit consent by the consumer is critical before any personal data can be captured, processed, or stored. This principle also allows for the ‘right to be forgotten,’ where a consumer can request that their personal data be deleted. Individuals also have the right to access all of the personal data a company may hold about them.
2. Purpose limitation: Organizations must have a legitimate and lawful purpose for processing personal data.
3. Data minimization: Organizations should capture the minimum amount of data needed for the specified purpose.
4. Accurate and up-to-date processing: Organizations must employ data controllers to ensure information remains valid, accurate, and fit for the specified purpose.
5. Limitation of storage in the form that permits identification: Organizations are discouraged from keeping personal data for longer than is necessary.
6. Confidential and secure: Organizations must protect the privacy and integrity of the data by ensuring its security.
7. Accountability and liability: Organizations must demonstrate compliance with the regulation.