Tips, Expertise, Articles and Advice from the Pro's for Your Website or Blog to Succeed
As the basis for the main requirements for data protection, we will consider the EU GDPR as the most pervasive and influential legislation in this area. In this article, we will skip the legal and organizational parts of the regulation which you can read elsewhere, and jump right in to explain what technical measures you can implement to get compliant.
If you have a compliance check scheduled you will need to have the following in place:
In order to reduce the possibility of a data breach, organizations are applying controls to ensure personal data is adequately protected. The main motivator for this shift is still the ‘dissuasive’ effect of the fines that can be applied by supervisory authorities under the GDPR (Article 83.1).
Fines to sanction non-compliance issues have been steadily escalating to the upper levels allowed by the Regulation, as in the case of Amazon, facing a €746 million penalty (July 2021), or WhatsApp in Ireland, with €225 million (September 2021).
Data loss prevention tools are often employed to discover and monitor personal data in the cloud, but how effective and costly are they?
Personal data laws have been a bit of a spanner in the works and made everyone have a bit of a rethink about how they store client data that could be classified as “personal”. The thing is, which data can be classed as personal can change depending on whether it is paired with other data. This means that data that has the potential to be personal could be pretty much anywhere.