TECH-ARROW has comprehensive solutions and extensive experience to help you build a plan and implement the processes and controls to demonstrate and manage ongoing compliance.
What are the new GDPR requirements?
Companies will have to appoint a DPO (Data Privacy Officer), who is responsible for advising on and monitoring GDPR compliance, and is a point of contact for the authorities.
There are new regulations and requirements for collecting and recording personal data and processing activities.
Data authorities and consumers must be notified within 72 hours after the discovery of the breach.
A tiered penalty framework with fines of up to 4% of global annual turnover (or €20,000,000, whichever is higher) for more serious violations, and up to 2% (or €10,000,000) for other violations, such as failing to notify a data authority about a breach.
Local data authorities will have additional resources to investigate and audit data controllers, and processors and their sub-contractors. A new European Data Protection Board will act as a super data authority to handle disputes between authorities.
What is the EU General Data Protection Regulation (GDPR)?
A uniform law across the EU and beyond, with new requirements for documenting IT procedures, performing risk assessments, rules on breach notifications, and tighter data minimization – establishing a single law to enforce European data protection rules and regulation and the right to personal data protection.
The GDPR applies to EU based companies, and companies that collect data of EU citizens, regardless of their physical presence in the country.
The GDPR means that it’s more critical than ever to know your data. Where is your sensitive data stored? Who is accessing it? Who should be accessing it?
Read the full text of the GDPR here
Why contentACCESS for GDPR compliance?
You can’t protect your organisation’s sensitive data if you’re not sure exactly what it is, or where it is. We provide software and services for all phases of the data protection life-cycle.
WHAT’s the challenge?
WHY it’s important?
HOW we solve it?
The European Union’s new data protection framework, known as the GDPR (General Data Protection Regulation) will come into force soon.
It affects any company doing business in the EU. Expect stronger enforcement and penalties.
contentACCESS helps you to keep all your data fully under control, safe and meeting the GDPR regulations.
Start Taking Action!
According to CSA’s 2014 Cloud Adoption Practices and Priorities report over 70 percent of executives and IT managers say they are unaware of how many unauthorized cloud or shadow cloud apps and services are watching. They simply don’t know which file sharing apps being used. Furthermore, since data is stored offsite by a cloud service provider, they believe that they have nothing to worry about. But the opposite is the case. The business retains primary responsibility and must work with their employees and cloud service providers to comply with GDPR.
Make sure you’re on track to meet the 2018 deadline!
Increased documentation and data classification requirements mean that you need to know where personal data is, who’s accessing it, and making sure only the right people have access to the right data. contentACCESS helps to manage and protect your data in accordance with GDPR enabling you to grow your business with confidence.
Data discovery, protection, and retention
Identify where personal data is located (NAS, SharePoint, Cloud, etc.) and meet accountability obligations of personal data.
Monitor and audit data access and permission changes, and keep records of data processing activities.
Delete global accesses and overexposed data, making sure that personal data and sensitive information is kept on a need to know access basis.
Apply a least privilege model, ensuring a level of security and protection for personal data by design and by default.
Limit data retention and comply with Right to erasure and “to be forgotten”: establish data retention procedures and systems so that data is never stored longer than necessary.