General Data Protection Regulation or the General Privacy Protection Regulation. This is a new EU legislation that will significantly impact the work with personal data.
GDPR will apply across the EU to all companies, institutions, individuals, and online services that process data from users, employees, customers, clients, or suppliers across sectors. Importantly, the regulation will also apply to companies and institutions operating on the European market (eg Google, Facebook).
GDPR enters into force on 25th May 2018 across the EU. By that time, all those covered by the regulation must revise their information systems and procedures for the handling of personal data.
The general personal information includes the name, gender, age and date of birth, personal status, but also the IP address and photographic record. As the GDPR also applies to business individuals, we also include so-called organizational data, such as e-mail address, telephone number, or different identification data issued by the state.
Do you process data? What are your responsibilities?
The Regulation newly introduces the principle of responsibility, namely the obligation of data controllers and processors, regardless of their size or number of employees, to create technical, organizational and procedural measures to demonstrate compliance with GDPR principles.
Applying the principle of responsibility will entail for businesses considerable time and financial investment. These will cover in particular the following areas:
Implementing the necessary data protection
Assessing the impact on the protection of personal data
Appointment of a Data Protection Officer
Introduction of pseudonymization of personal data
Keeping records of processing activities
Consultations with the supervisory authority before the processing of personal data itself
How about you?
Do you have an overview of which documents and data can be made to what departments and what happens to them during their lifecycle? How is archiving and backup guaranteed? How much can a data leakage or loss of a document cost? Are you backing up and recovering data properly? And is everything really going well or are they just written rules?
Security and monitoring of end stations and servers
Using end-security and monitoring software, we help you with a multi-level audit of your employees' work. We can harness the taking of important data, highlight the ineffective or dangerous activity of your workers during working hours. Combined with active security features, this can prevent unnecessary damage to the company. If you are more interested in introducing the most common scenarios and experience from practice.
Security and monitoring of network traffic
Do you want to ensure the best safety of your network? And because not all threats can be effectively defended, we can at least minimize casualties in case of an attack? Monitor network traffic and identify nonstandard traffic on the basis of statistics? We have several scenarios and software tools that are highly valued helpers in this area.