Understand and Achieve GDPR Compliance
The General Data Protection Regulation, or GDPR, was developed to bring legal unification and clarity to the protection of EU citizens’ personal data. Many organizations, however, are unaware of how personal data is defined under GDPR, what they need to do to achieve GDPR compliance, or if they even need to comply at all.
The GDPR’s definition of ‘personal data’ is incredibly broad. Home addresses, names, birthdays, photos and even social media posts are all considered Personally Identifiable Information, or PII, as defined under GDPR.
GDPR also gives an EU citizen the right to know what PII is being collected, why it’s being collected, and how it’s being used. And if they so choose, EU citizens can require data controllers to transfer, surrender and even delete their PII.
With the deadline fast approaching (May 24, 2018), the International Commissioner’s Office (ICO) will require any company doing business with individuals located in the EU to demonstrate they have numerous controls in place to protect EU citizens’ privacy, or face steep fines. Unless these organizations are able to locate, secure and demonstrate the necessary data privacy controls, they won’t achieve GDPR compliance.
Achieve GDPR Compliance with Support from the Accellion Platform
With the Accellion secure file sharing and governance platform, organizations and their Data Protection Officers (DPOs) can see where their content resides and securely share it beyond their enterprise borders, while maintaining all the controls and audit details required to achieve GDPR compliance.
Whether customer data resides in on-prem or cloud-based systems, organizations can maintain full control and visibility over all the customer PII distributed across the enterprise. This includes data stored in Enterprise Content Management (ECM) platforms like Microsoft SharePoint and OpenText, cloud-based repositories like SharePoint Online, Dropbox and Box, or critical business applications such as SAP, Oracle, or Salesforce.
The Accellion platform further supports global enterprises in their efforts to achieve GDPR compliance by allowing these organizations to assign role-based policy controls and privileges to ensure that only authorized users have access to sensitive content. Lastly, the Accellion platform provides logs and reports which create a transparent trail that auditors and industry regulators can use to track file transfers, shares, views, downloads and deletions.
With Accellion’s integrated governance framework around the systems that hold your sensitive content, CISOs have full visibility into all file activity, including who is accessing, sharing, or receiving data, while maintaining all the controls necessary to protect EU citizens’ personal data and achieve GDPR compliance.
We have put together an eBook, “Understanding GDPR,” that provides an overview of GDPR, including key concepts, the security requirements needed to achieve GDPR compliance, and best practices for securely sharing customer PII while maintaining GDPR compliance.
Also, as a reminder, we will be hosting a webinar with Dark Reading on January 31st at 10am PST, entitled “GDPR – Gain Visibility and Control of Your Customers’ Data,” to give you a better understanding of how you can monitor and control customer PII that you share with external processors. You can register for this webinar here.