EU GDPR – a short overview and helpful panagenda solutions
The EU General Data Protection Regulation (GDPR) is put into force on 25th May 2018 and is the most influential change in privacy and data protection with a worldwide impact. Particularly sensitive is the fact that in future, the entire burden of proof concerning the correct handling of personal data lies with the companies. As such, the complete documentation of dealing with the data is just as important as the establishment of smooth, efficient processes for different situations.
Knowledge comes from raw data and algorithms. Comparisons of data with oil or gold are misleading because data can be copied at marginal cost. Unlike with physical resources, it will therefore not be the scarcity but the control over data copies that will be crucial in future.
Today, we would like to highlight two of our solutions that help IBM Domino customers with their documentation obligations around the EU GDPR:
You already have GreenLight or MarvelClient?
Then get your SecurityInsider upgrade for just $2 per user by January 31, 2018!
Learn more about SecurityInsider below. Further helpful panagenda solutions around the EU-GDPR will be presented in the coming weeks. If you want to know more today, simply contact us and get a free consultation with a panagenda expert who will show you what role panagenda solutions can play in the realization of your GDPR plans.
EU-GDPR – a short overview
Numerous new provisions are determined by the General Data Protection Regulation. We have summarized particularly important points for you:
The right to be forgotten: Is the improvement of individual rights to data deletion and data portability. This is to ensure that personal digital information is not permanently available to companies, or can only be used with the consent of respective persons.
Administrative penalties of up to €20 million or 4% of worldwide turnover can be imposed, whichever is higher. The penalty depends on the severity of the misconduct.
Data breaches must be reported to the relevant data protection authority within 72 hours after becoming aware of the breach. The potentially affected persons are to be informed immediately of a data leak.
Companies are obliged to take “appropriate technical and organizational measures” to protect personal data. These measures must be constantly reviewed and updated.