On May 25, 2018, the General Data Protection Regulation (GDPR) will become law in the European Union (EU). This regulation is the strictest personal data privacy regulation in the world and it will impact anyone doing business in Europe or having business involving European citizens. GDPR raises the bar for data privacy protection and requires businesses to visibly protect confidential information and places strict penalties on companies that experience a data breach. The penalties for non-compliance are significant and fines as high as €20 million are possible.
For a business to be GDPR compliant they must first have an understanding of their data: what it is, where it comes from, what it’s used for and who touches it. Since GDPR mandates that companies also govern all third parties that process their data, companies must also evaluate all of the systems, infrastructure and applications that create, store and transport their data. This includes servers, public, private and hybrid clouds, hosted applications, as well as web-based SaaS applications.
As the deadline for GDPR compliance approaches, many customers are unsure where to begin. With roughly 160 GDPR requirements and a mandated 72-hour notification for personal data breaches, it’s clear that most organizations can’t do this alone, and need a mix of technology and processes to help accelerate the path to compliance.
Advantage works with over 150 services providers around the world, and every single one of them is focused on the GDPR requirements. We also work with numerous global Security-as-a-Service providers who have been designing GDPR-compliant solutions for years, even before the regulations were published. Together we can help you assess your environment, make appropriate adjustments, and help you put internal guidelines in place to ensure that your company is GDPR compliant today and into the future.