Why GPDR compliance solutions?
Functioning as a centralized dashboard, GPDR solutions provide organizations with a complete view of their information assets (files, data, email, etc.). Our semantic engine, combined with other applications on various mediums (servers, desktops, laptops, pst files, etc.), will conduct a physical inventory of your documents and then a semantic inventory of select target documents.
The GPDR compliance solution enables you to fully understand the structure of your information assets and corporate documents so that you can get the most value out of them.
REQUEST A DEMO
Get your organization ready for GDPR!
“In May 2018, the General Data Protection Regulation comes into force. Many new and stringent requirements, related to personally identifiable information (PII), need to be addressed immediately. All organizations with more than 250 employees and doing business with EU citizens must comply. The challenge, for most organizations, is that documents containing PII are omnipresent, well beyond traditional ERP systems, in email systems, file shares, ECM platforms, cloud repositories, etc.”
Do you know about the General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (GDPR) is a law designed
to protect personal data.
GDPR harmonizes data privacy laws across Europe. The law extends regulations to corporations that operate in Europe.
GDPR provides for the protection, processing, and movement of personal data. It covers information used to identify or profile a person to evaluate, analyze, or predict behavior.
The law protects individuals who give information freely and applies to organizations that collect or process personal data. GDPR applies when specific, informed, and explicit consent is given by statement or action to signify agreement to process personal data.
GDPR also applies to situations where a data breach leads to accidental or unlawful access to or destruction or misuse of personal data. The law covers biometric data relating to physical, physiological, or behavioral information of an individual and their unique identification. It also relates to inherited or acquired data, biological sample data, and health or physiological data.
GDPR was approved by EU Parliament on April 14, 2016, and will be enforced on May 25, 2018.
Non-compliant firms will face heavy fines. GDPR applies to businesses that process personal data of people residing in the European Union. If a business breaches GDPR, fines can amount to 4% of annual global revenue or €20 million (whichever is greater). When a customer does not provide sufficient consent to process data or when consumer records are not in proper order, fines can amount to 2% of annual global revenue..
When a business does not adequately notify a supervising authority about a data breach or fails to conduct a proper impact assessment, fines can amount to 2% of annual global revenue. Notification of a data breach must take place within 72 hours of a breach.
GDPR makes it necessary to confirm the processing of personal data. A business must stipulate where personal data is being processed and for what reason. A request to give or withdraw consent must be intelligible in an easy-to-access form that is clear and distinguishable. Individual data subjects have the right to have their personal data erased and for any dissemination to end. GDPR creates an internal record-keeping requirement. Businesses that systematically monitor data subjects on a large scale are required to appoint a data protection officer (DPO) to cover core activities related to the processing personal information. Data subjects have the right to obtain a copy of personal data processed by electronic means. The law also applies to data transferred from a controller to another controller of personal data.
A business must engage a DPO when data processing is a core activity. GDPR specifically applies to businesses that process health, religious, or political beliefs data. The law applies to businesses with over 250 employees that process personal data of over 5,000 data subjects in a 12-month period. Personal data includes the name, photo, email address, bank information, social media website information and posts, medical information, and/or computer IP address. Parental consent is required to process personal data of children under the age of 16 for online services.