GDPR News Center News for 08-31-2018

GDPR Resources

On this page we’ve put together a set of resources about GDPR. We’re doing this so that those in the charity sector – and interested parties outside it – can learn about the practices by which the sector complies with these regulations. We begin with some general information on GDPR. We follow with the ways GDPR relates to fundraising, and then prospect research. We have a section listing resources on privacy impact assessments. 

We hope this list of resources is useful – if you have any questions or comments for us relating to GDPR, or any recommended resources, please get in touch. 

Keywords: [“GDPR”,”resources”,”any”]

Fix it Fast: Apply GDPR to Your Company in 10 Simple Steps: Patrick O’Kane, Kristy Grant-Hart: 9780993478857: Books

Very clear and easy to read – hard to understand why the ICO can’t produce guidelines as good as this, but anyway!My approach was to read 10 pages at time, then go and action it all and come back to the next 10 pages. You use it, it needs to be practical, as everyone’s GDPR implementation will be unique. The book has spaces for making notes in the book, but that isn’t my style – I prefer a digital approach. My only niggle is that there is not an online companion to this book, where you can login and do just that. I’m still giving this 5 stars, because the clarity of the content is worth the price alone. 

Keywords: [“book”,”pages”,”approach”]

A Guide to Help You Prepare for GDPR Compliance, Free Download

The General Data Protection Regulation protects the personal data of EU citizens. If your company handles the personal data of EU citizens, regardless of where you are based in the world, you’ll need to take some important steps to ensure that data is correctly controlled, processed, maintained, retained, and secured. With penalties as steep as €20,000,000 or 4% of your annual gross revenue, this should be a top priority for your team in 2017. It might be daunting, but we’ve pulled together some resources to help you prepare. Get the GDPR Toolkit, and be well on your way to having GDPR confidence. 

Keywords: [“Data”,”GDPR”,”personal”]

Our solutions

Encrypted storage – often referred to as ‘data at rest’ – is most commonly used to encrypt an entire disk, drive or device. This type of encryption becomes effective only once the system is stopped, the drive ejected or the encryption key blocked. Encrypted content – also referred to as granular encryption – means, typically, encrypting files or text at the application level. The most common example is email encryption, where the message format must remain intact for the email client application to be able to handle it, but the text body of the email is encrypted along with any attachments. 

Keywords: [“encrypt”,”encryption”,”email”]

Inbox Pros

Our privacy consultants can work with you to conduct the entire GDPR review process – including a risk analysis, level of effort analysis, and a prioritized GDPR project plan. For each gap, you’ll then need to identify specific remediation actions and estimate Levels of Effort – Low, Medium, and High. We map out the gaps and make sure each group is compliant with the GDPR. By investing the time up front to perform the proper analysis and planning, you can be confident that you will efficiently and effectively mitigate risk while meeting your company’s business objectives. 

Keywords: [“GDPR”,”analysis”,”risk”]

General Data Protection Regulation

With the General Data Protection Regulation 2016/679), the European Parliament, the Council and the European Commission intend to strengthen and unify data protection and privacy for individuals within the European Union. When the law takes effect in May 2018, it will trigger significant changes to how global brands approach online marketing, data protection and privacy policies. It’s important to note that the new legislation also addresses the export of personal data outside the EU – effectively extending its application to any business with even a single customer in Europe. 

Keywords: [“Data”,”Protection”,”European”]

Data Catalog GDPR Compliant Solutions by Waterline Data

Organizations that fail to comply could be fined up to a maximum of €20,000,000 or 4 percent of annual global revenue, whichever is higher. Most organizations don’t have this information documented, and gathering it across a distributed data estate without some level of automation is next to impossible. Waterline provides the only solution that directly addresses the challenges presented by GDPR with software that automatically discovers data subject to GDPR; generates reports on the status of your GDPR compliant and non-compliant data; and makes it easy to secure GDPR data. 

Keywords: [“data”,”GDPR”,”Challenge”]

General Data Protection Regulation

Manage and implement security program practices on premises and in the cloud, such as risk assessment and mitigation, incident identification, escalation, response, forensics and resolution, personnel roles and responsibilities. Measure, document, and communicate program effectiveness to stakeholders. Monitor security operations and intelligence: monitor, detect, respond to and mitigate threats. Manage and implement security program practices such as risk assessment, roles and responsibilities, program effectiveness. Govern data incident response and forensics practices. 

Keywords: [“program”,”practices”,”security”]

GDPR Compliance for Small Businesses

SecurityMetrics PIIscan is a data discovery tools that assists with GDPR requirements by discovering unencrypted Personally Identifiable Information. PIIscan searches computer systems, hard drives, and attached storage devices for unencrypted PII. Once PIIscan has discovered unencrypted PII, a report is generated that displays where the data is located. This makes it easy to securely delete or encrypt this data and reduce your organization’s risk. By using PIIscan, you will also save time by not having to manually search for unencrypted PII on your systems. 

Keywords: [“unencrypted”,”PIIscan”,”PII”]

GDPR News Center News for 08-30-2018

[WEBINAR] GDPR Compliance: “Explain Like I’m Five” with Data Privacy Expert

Jodi Daniels is a digital privacy expert with more than 19 years of experience in privacy, marketing, strategy, and finance roles. She is the founder of Red Clover Advisors, a data privacy consultancy that assists companies with GDPR compliance, operationalizing privacy, digital governance, and online data strategy. Ms. Daniels has worked in multiple industries such as financial services, automotive, media, and retail for Cox Enterprises, The Home Depot, and Deloitte. She most recently served as the privacy partner for digital banking and digital marketing, financial center channel operations, ATMs, and military banking channels at Bank of America. 

Keywords: [“privacy”,”digital”,”Bank”]

FE Preparing for GDPR

Like many companies FE is currently preparing for the General Data Protection Regulation when it comes into effect in May 2018. As a company that is built on the data we collect, you can imagine we are taking the GDPR requirements very seriously and are working to ensure that our privacy standards meet all the requirements of the regulation. To ensure we meet the standards required by GDPR, the way in which you login to FE Analytics and other products and services provided by FE will need to change. Over the coming weeks and months we will let you know what action you need to take. Please look out for further announcements and take the time to action them. 

Keywords: [“take”,”action”,”need”]

The General Data Protection Regulation

The General Data Protection Regulation is a series of laws that were approved by the EU Parliament in 2016. The EU’s General Data Protection Regulation is an initiative by the EU to bring data protection legislation into line with new ways that data is now used. The new regulations will give users great control over their data, including the ability to export it, withdraw consent and request access to it. It also makes data protection rules more or less identical throughout the EU, allowing for the easier transfer of data through out the European Union. It will affect any company that does business with Europe, whether they are based in the EU or not. 

Keywords: [“Data”,”Protection”,”Regulation”]

Countdown to GDPR Summit 2018

‘Driven by demand, and it’s game-changing importance, this will be our 3rd GDPR Summit in the space of just 7 months. No other topic area has ever generated this amount of attention’. It requires organisations to adhere to a host of strict data protection rules for processing the data of EU residents and will penalise those who are non- compliant. Heralding a new era in the regulation of personal data processing in Europe, the GDPR amplifies and expands the rights of individuals to control how their personal information is collected and processed and places new obligations squarely on the shoulders of organisations that collect personal data. 

Keywords: [“data”,”personal”,”processed”]

GDPR Suite

This new regulation will dramatically change to the way data must be handled and processed in the European Union. iGrafx provides the intellectual property of knowing the regulatory elements of GDPR, the means to assess risk from the process perspective, and the system to document operations, model data flow, audit controls, implement GDPR required processes, all in order to help achieve GDPR compliance now and, most importantly, maintain it into the future. A solution for all GDPR Stakeholders: Legal, IT and Process. Process Templates to expedite documentation and automation. Complete visibility and control via Data Flow Modeling. 

Keywords: [“GDPR”,”process”,”data”]

GDPR Compliance: Essential Training

Course Transcript- [Mandy Huth] GDPR is the most comprehensive privacy regulation enacted to date. Any business that has European connections is likely impacted. Hi, I’m Mandy Huth, and I’ve helped organizations with over two billion dollars in revenue prepare for GDPR. In this course, I’ll show you the basics of the GDPR regulation. I’ll begin by discussing what it entails and who it impacts. 

I’ll show you who is responsible for protecting, monitoring and reporting data in various situations. Finally, I’ll discuss the rights of the data subject and how organizations must notify those subjects in case of a data breach. 

Keywords: [“I'll”,”data”,”GDPR”]


Preservica complies with the current 1998 Data Protection Act, and by 25th May 2018, Preservica cloud products and operations will meet the requirements of the General Data Protection Regulation helping our customers protect the rights of their data subjects. It’s important to note that although the GDPR is an EU regulation it may still apply to any organization which is a controller of personal data for an EU data subject, even if that organization is outside of the EU. Preservica will help ensure you meet your GDPR obligations and preserve your valuable digital information for the long-term. 

Keywords: [“Data”,”Preservica”,”organization”]

Data Governance for GDPR Compliance

Any company that processes personal data of individuals residing in the European Union must adhere to GDPR, regardless of their location. This infographic outlines the impact of not complying. DATUM’s GDPR Solution does the heavy lifting so you don’t have to. We provide the experts, the formula, the methodology and the assets you need to successfully comply with the new regulation. GDPR privacy regulation will significantly impact data governance for companies worldwide. 

This webinar sheds light on GDPR’s potential impact on your organization, as well as provide direction on how to meet this challenge head on. 

Keywords: [“GDPR”,”impact”,”regulation”]

GDPR News Center News for 08-29-2018

IDC GDPR Hands-on Workshop

About IDC. International Data Corporation is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets. With more than 1,100 analysts worldwide, IDC offers global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries. IDC’s analysis and insight helps IT professionals, business executives, and the investment community to make fact-based technology decisions and to achieve their key business objectives. Founded in 1964, IDC is a wholly-owned subsidiary of International Data Group, the world’s leading media, data and marketing services company. 

Keywords: [“technology”,”IDC”,”Data”]

Varonis Systems

Identifying GDPR data is the first step in preparing for the upcoming EU GDPR. With Varonis, you can automatically identify both country-specific and general patterns: country-specific patterns include Na.tional Identification Numbers, Vehicle ID information, Telephone numbers, Banking data, and more. Generic patterns include credit card numbers, IP addresses, even blood type. Once identified, you can generate reports on GDPR applicable data: including permissions, open access, and stale data. Classifications will help you meet GDPR head-on, building out security policy to monitor and alert on GDPR affected data. 

Get a personalized demo on how we help with GDPR with our expert team. 

Keywords: [“GDPR”,”data”,”Numbers”]

Fix it Fast

Fix it Fast will help you to implement the key requirements of GDPR. It contains templates, outlines, examples and plain-English explanations to help you to:Complete your data inventory so you know where all your data is. Draft and institute a Privacy Impact Assessment process. This book’s 10 Simple Steps will take you from beginning to end of your GDPR readiness and implementation project. This isn’t a legal book – it’s a practical, no-nonsense guide to getting the job done fast. 

This book helps is built for compliance officers, lawyers, information technology and information security professionals, and anyone else tasked with GDPR compliance to complete the critical tasks. 

Keywords: [“book”,”GDPR”,”help”]

GDPR Resource Centre

Peter oversees Bullhorn’s international operations outside North America in his role as Executive Vice President. Peter joined Bullhorn in 2009 and was responsible for its highly successful UK launch and continued expansion internationally. Peter has grown the international team to over 100 staff, established Bullhorn as the UK’s market leading recruitment software and has expanded Bullhorn’s reach into EMEA and APAC, achieving a user base of more than 30,000 international users. Prior to taking on the launch of Bullhorn International, Peter spent 20 years working in the recruitment industry and held a number of senior director roles before moving into the technology space. 

Keywords: [“Bullhorn”,”international”,”Peter”]

GDPR Compliance

The European Union’s General Data Privacy Protection regulation institutes wide-sweeping changes to data privacy for any business collecting and processing data on EU citizens, residents, and visitors. It gives data subjects greater rights and control over their personal information and requires that businesses meet stringent data privacy protection measures as outlined in the GDPR. The GDPR goes into effect May 25, 2018 and businesses found in non-compliance face a fine of up to €20 million or 4 percent of annual revenue, whichever is greater. If you have not yet begun your GDPR compliance process, Imperva can help you meet key security requirements. 

Keywords: [“Data”,”GDPR”,”Privacy”]


FuseMail, as part of the j2 Global group, is taking all necessary steps to comply with the GDPR, including engaging key stakeholders across our company to assess impact of the GDPR on our customers and actively evaluating our internal controls and procedures to identify any changes that need to be implemented in order to comply with the GDPR by the May 25, 2018 deadline. FuseMail will also be incorporating language into existing and new contracts and updating our privacy policies to provide additional assurance that we have appropriate legal mechanisms and safeguards in place to securely process and transfer personal data in relation to the services we provide. 

Keywords: [“GDPR”,”provide”,”comply”]

QuickBooks and GDPR

GDPR will regulate the processing of personal data about EU individuals. This means the collection, storage, transfer or use of data, including the tracking of online activities. It doesn’t matter where the companies processing the personal data are based – if the information relates to an EU individual, it will be subject to the new law. Under GDPR, ‘personal data’ means any data that relates to an identified or identifiable individual, which includes things like your name, your home address, or a government-issued identification number. It does not include non-personal data, such a company registration number, a general corporate email alias or anonymised data. 

Keywords: [“data”,”include”,”individual”]

GDPR Transparency and Consent Framework – IAB Tech Lab

IAB Europe and IAB Tech Lab have released the technical specifications for the GDPR Transparency & Consent Framework. The specifications will be maintained by a working group of the IAB Tech Lab going forward, in a collaboration between IAB Europe and IAB Tech Lab that leverages IAB Europe’s policy and legal expertise and IAB Tech Lab’s technical expertise. GDPR Transparency & Consent Framework – Cookie and Vendor List Format v1.0a. The following drafts are in public comment for 30 days until June 1, 2018 – however you are invited to adopt the pubvendors. Json technology as a beta implementation, even before the specifications are finalized. 

Keywords: [“IAB”,”Lab”,”Tech”]

GDPR News Center News for 08-28-2018


Your personalized guide to readiness is just moments away. With your personalized guide, you will be able to see what critical areas you may still need to address, based on the answers you provide. The report will also save your progress as you complete various steps along the way and serve as a checklist and guide throughout your GDPR journey. Once you access your report, feel free to bookmark the page and return at your convenience to track your progress. About GDPR. 

GDPR aims to harmonize data protection across all 28 EU member states and businesses within the regions. If your organization is active across the EU, understanding and activating initiatives related to GDPR is necessary in order to continue conducting business. 

Keywords: [“GDPR”,”guide”,”across”]

Konica-Minolta – Konica-Minolta

THE BIGGER PICTURE ON GDPR. For us, GDPR isn’t just about being compliant – it’s also about what opportunities it can create for businesses in the future. We understand every business is different, and each one has different needs. That’s why we provide solutions that are tailored for each individual business. It all starts with our free GDPR readiness assessment. 

Request a call back from one of our accredited GDPR Consultants and take the first step towards generating your free GDPR readiness assessment report. Request free readiness assessment YOUR FREE GDPR READINESS ASSESSMENT AWAITS. All you need to do is fill out some information below and one of our accredited GDPR Consultants will call you back within 48hrs. 

Keywords: [“GDPR”,”assessment”,”readiness”]

How will it affect your recruitment? Hireserve

A data mapping exercise is the process of identifying, processing and mapping out the data flows of your organisation. This is a complex process, particularly for organisations with multiple systems and technology platforms in place. Think about the journey your candidates’ data will take, from the moment it enters your organisation. You should also document what information you collect about candidates at each stage of your recruitment process, and document how your organisation(s) use that data. As part of your work towards GDPR compliant processes, you will need to define your organisation’s legal bases for processing candidates’ information. 

You should define and document these legal bases during your data mapping exercise. 

Keywords: [“process”,”data”,”organisation”]

Unprepared for GDPR?

A 2016 independent survey of CIOs at large companies across the globe found that two-thirds of enterprises risk failure to comply with the EU General Data Protection Regulation. The EU General Data Protection Regulation was adopted in April 2016 to unify previously fragmented mandates across EU jurisdictions regarding how enterprises use, manage and delete customers’ Personally Identifiable Information. All enterprises in the EU, the US and elsewhere that capture PII relating to EU citizens must comply with its provisions by May 2018. Any failure to comply with GDPR exposes enterprises to fines of as much as €20 million or 4% of global turnover- whichever is higher. Learn the challenges and implications of non-compliance. 

Keywords: [“enterprises”,”comply”,”Regulation”]

Home GDPR Superheroes

This hands-on workshop will help you understand the implications of GDPR for your organization, bust some myths, provide you with an implementation plan, and give you some practical steps toward GDPR compliance in 3 areas: 1. Process – which processes are affected and how to quickly implement them in your organization 2. Data – building a sustainable data inventory and categorizing Personal Data fields 3. Org – how to set up and manage your customer consents and allowable communications for the Salesforce platform with the new Data Privacy Manager app Join Stephan Garcia from GDPR Superheroes and Richard Parker, Elements. Cloud founder for this invaluable 90 minutes that will kickstart your Salesforce GDPR compliance. 

Keywords: [“Data”,”GDPR”,”Salesforce”]


The main focus of GDPR will be to protect the personal data of all individuals residing within the EU, irrespective of where the company holding the data is based, and includes rules around holding, processing, profiling, maintaining and deleting that data to name a few. In 1998 the Data Protection Act was introduced by UK Parliament as the main piece of legislation to govern the processing of data on identifiable living people. Technology has evolved so much since the act was enforced, that this law is now significantly out of date and does not protect the individual as originally intended. The General Data Protection Regulation under EU law, which was adopted on 27th April 2016 and will apply from 25th May 2018. 

Keywords: [“data”,”law”,”Act”]

The UK’s Leading GDPR Event

The GDPR Summit aims to provide an actionable, practical roadmap for organisations to continue their drive to achieve ongoing GDPR compliance and gain a strategic advantage over competitors. Part of the UK’s leading GDPR event series, supported by Henley Business School’sGDPR Transition Programme, the Summit brings together an unrivalled selection of the UK’s leading data protection experts and practitioners. Described as high impact, content rich and jargon-free; over 40 expert speakers will be on-hand throughout the conference to enrich your GDPR journey: – discuss best practice approaches. Understand the latest guidance on global data transfers. Identify the latest software to manage data for GDPR.. 

Keywords: [“GDPR”,”data”,”latest”]

Working toward GDPR compliance

Compliance doesn’t have to be a scary word – even when facing the multifaceted challenges of meeting the European Union’s May 2018 deadline for its General Data Protection Regulation. SAS conducted a global GDPR survey among 340 business executives from multiple industries. Based on the results of that survey, this e-book delves into the biggest opportunities and challenges organizations face on the road to GDPR compliance. How to get started on the best path to compliance, based on advice from industry experts. How to turn this compliance challenge into a competitive advantage. 

How your peers are preparing across a variety of industries. An end-to-end approach that can help guide your journey to GDPR compliance. 

Keywords: [“Compliance”,”How”,”industry”]

GDPR News Center News for 08-27-2018

GDPR implications for schools

There seems to be a lot of panic related to the introduction of GDPR however, compared to many private organisations, schools are much better placed to address the new regulations. In education, there has always been a culture that values every person’s rights and freedoms. Whilst there are many extra demands required to map and audit personal data stored and shared, schools with existing rigid data protection policies should see GDPR as an opportunity to improve the way they work. Schools have always had to give parents and children access to their data, but under GDPR individuals have the right to ask for that data to be forgotten. This regulation only applies to certain data that you store and GDPRiS will provide the right guidance in such instances. 

Keywords: [“data”,”right”,”schools”]

New Service Blocks EU Users So Companies Can Save Thousands on GDPR Compliance

Catalin Cimpanu, reporting for BleepingComputer: A new service called GDPR Shield made the rounds last week and for all the wrong reasons. The service, advertised as a piece of JavaScript that webmasters embed on their sites, blocks EU-based users from accessing a website, just so the parent company won’t have to deal with GDPR compliance. GDPR, or General Data Protection Regulation, is a new user and data privacy regulation slated to come into effect in the EU three weeks from now, on May 25, 2018. The new regulation brings a wealth of protections to user privacy but is a nightmare for companies doing business in Europe. The reasons are plenty, but the humongous fines for failing to meet GDPR standards are at the top of the list for most companies. 

Keywords: [“Data”,”company”,”GDPR”]

GDPR READY 2018 – Uusi EU:n laajuinen tietosuoja-asetus

GDPR eli uusi EU:n laajuinen tietosuoja-asetus tekee jokaisesta suomalaisesta ohjelmistoyrityksestä rekisterinpitäjän sekä suurimmasta osasta henkilötietojen käsittelijän. GDPR eli uusi EU:n tasoinen tietosuoja-asetus astuu voimaan keväällä 2018. Jäsenille maksuttomassa koulutusohjelmassa käydään läpi käytännönläheisesti tietosuoja-asetuksen velvoitteet ja mahdollisuudet ohjelmistoyrittäjän näkökulmasta kahden vuoden aikana. Ohjelmistoyrittäjät ry ja asianajotoimisto HPP Oy järjestävät kaudella 2016-2018 tietosuoja-asetusta koskevan koulutusohjelman, jonka sisältö vaihtelee koulutustilaisuuksittain. Käytännön valmistelut on aloitettava jo nyt, jotta yrityksesi ja palvelusi on vaaditulla tasolla keväällä 2018! 

Keywords: [“mit”,”tulee”,”EU:n”]

GDPR Compliance

I’m the Principal Security Manager here at Spanning Cloud Apps, and today, we’re going to be talking about the General Data Protection Regulation, what it does, and answering some questions from our customers. The GDPR is the latest legislation to come out of the European Union that deals directly with data privacy. Any company that processes EU citizen data will have to comply with this regulation. We have a pre-signed DPA for any customer that requires it, which also includes standard contractual clauses for those that require it. We work with our customers to ensure that their data stays within the European Economic Area and is never transferred out without their expressed permission. 

We also have secure mechanisms for data subject’s requests. 

Keywords: [“Spanning”,”Data”,”does”]

Data Protection Network

The GDPR will be implemented across all EU Member States on 25 May 2018. As the deadline draws ever closer organisations need to prepare for the swathes of changes the new Regulation ushers in. The Data Protection Network has produced some helpful guides to assist organisations in preparing for the new Law. Download – General Data Protection Regulation – a practical guide for business. GDPR Articles and Recitals – navigating your way through the GDPR text. 

The GDPR text is lengthy and comprises 99 Articles and 173 Recitals, the order of which doesn’t always flow naturally. So to help you the DPN has compiled pages which include the relevant text on each of the key topics. Simply click on a subject below to read the relevant GDPR Article or Recital. 

Keywords: [“GDPR”,”text”,”Recital”]

Implementing GDPR Conference

While many organisations have focused on securing GDPR compliance ahead of the May 2018 deadline, this date is just the beginning of a major transformation in the way we collect, store and use data. Join us for the Implementing GDPR Conference where leading experts will assess the legislation’s impact so far and help ensure your organisation is fully prepared for the future. Taking place one month after the GDPR deadline, this conference will give you the opportunity to compare your GDPR performance with examples of best practice, understand your obligations under the new regulations and re-evaluate your data security procedures. Course dates coming soon…. Please register interest below and we will keep you updated. 

Keywords: [“GDPR”,”data”,”Conference”]

App devs bewildered by last-minute Google GDPR klaxon The Register

Roid developers are scrambling to change their apps after 11th hour privacy instructions from Google left them waiting on an SDK which still isn’t ready. On 4 May, just three weeks before the deadline for implementing GDPR, Google emailed developers who use its Admob advertising system that a new consent API was being rushed in – but wasn’t quite ready yet. In fact the official documentation, seen by us, advised devs not to test the API at all. It wasn’t clear when the consent message would appear, or what it would look like. This week Google clarified things – a bit – with an employee posting on the Admob forum. 

There will be three options on the consent dialog, a rep explained: 1) Personalised ads 2) Non-personalised ads or 3) Ad free. 

Keywords: [“consent”,”Google”,”ad”]

GDPR News Center News for 08-26-2018

GDPR Readiness, Assessment & Compliance

WHO: Enterprises that offer goods or services within the EU as well as enterprises that monitor EU subjects’ behavior within the EU. WHAT: New data privacy mandates have been issued by European Union regulation. WHEN: GDPR compliance must be achieved by 25 May 2018. WHERE: Includes any organization in the world if it retains or processes information on any citizen in the EU. WHY: To better protect any individual’s personal information, to secure rights for the individual over that collected information, and to force enterprises to follow a uniform scheme for data protection. 

HOW: Follow ISACA’s privacy guidance on how best for your enterprise and its staff to assess your unique data protection needs and meet the GDPR compliance standards set by the EU.. 

Keywords: [“enterprise”,”information”,”any”]

Data Security Issues, Risks, Trends, and Concerns

Less than a third of companies are prepared for the GDPR. HAVE A PLAN AND STICK TO IT. If you have checked your compliance and audited your data, you should know what you process, on what legal grounds, who has access and understand the lifecycle of captured personal data. The next step is to implement data protection by design, and by default. Incident Response/Breach notification response plan. 

HOW WE CAN HELP. Thales are specialists in encryption solutions, protecting your data wherever it is in your digital estate. Use our experts to conduct a health check on your organisation to assess your GDPR readiness. Then deploy the Thales eSecurity Accelerator Pack, using our proven technologies to secure critical database or file systems in less than two days. 

Keywords: [“data”,”GDPR”,”Thales”]


It’s essential that you review your approach to governance and data protection and plan your compliance now. Get all the key people onboard, update the relevant policies and procedures and develop any that are missing. Rather than aiming to be completely compliant by 25 May 2018, it’s realistic to have a ‘roadmap’ of how you are going to achieve complete compliance. A good starting point is to introduce a transparent data processing statement, or privacy statement, for all your clients. The ICO website provides more information about privacy statements with examples of good and bad privacy notices. 

Identify and document your legal basis for doing these. InternationalIf you operate internationally, make sure you know which supervisory authority you come under for data protection. 

Keywords: [“data”,”how”,”GDPR”]

GDPR Webinar

GDPR, less than a year away should be on every business’s radar. Our free webinar will share with you the key things to be aware of to help prepare your business for the May 2018 regulation. This may seem a while away, but the regulations will affect all businesses, so now is the time to start planning and putting things into place. Our one hour free GDPR Webinar is downloadable today. This webinar which was live has been created as a useful downloadable resource and includes lots of questions and answers asked by businesses like you. 

Speakers on this webinar were Adriaan Bekker and David Smart from Softwerx plus Karen Cole from RIAA Barker Gillette. Softwerx has helped a number of organisations throughout the UK increase their knowledge of GDPR and become better prepared. 

Keywords: [“webinar”,”GDPR”,”Softwerx”]

GDPR US Firms Whitepaper Landing Page

Due to the constantly changing digital world, the EU took a major step to protect their citizen’s personal data and privacy rights by passing the EU General Data Protection Regulation. Not only firms based in the EU must abide to this regulation. Any firm that does business in the EU or monitors the behavior of EU data subjects needs to comply with the regulation. For US based firms that do business in the EU, it is crucial to understand the regulation and address the key challenges to ensure that your firm is GDPR compliant. Key terms and definitions relating to the GDPR. 

Key challenges ahead. how the GDPR affects how you store data in the cloud. Solutions to complying with the GDPR. How the GDPR will fit with the EU-US Privacy Shield. 

Keywords: [“GDPR”,”firm”,”Regulation”]

GDPR for marketers: best practice, tips and case studies

The new EU General Data Protection Regulation comes into force on 25th May 2018, however only 54% of businesses expect to meet that deadline. Econsultancy is investigating GDPR from a marketer’s persective, highlighting the specific aspects of the new regulation that require your attention. As always we aim to cut through the jargon and present the important details in plain English, and where possible highlighting examples of best practice to help put things in context. All our resources are listed here – this page will be frequently updated with new articles and reports so make sure to check back in future. Econsultancy offers comprehensive online GDPR training, as well as a one-day face-to-face GDPR training course designed to bring marketers up-to-speed. 

Keywords: [“GDPR”,”marketers”,”new”]

Prepare for GDPR Compliance

GDPR establishes the many measures organizations must take to protect personal data belonging to residents of the EU. These measures include: understanding what personal data an organization handles and where this data resides; performing risk assessments to gauge an organization’s exposure to accidental or unlawful loss of this data; implementing various technical and organizational controls to protect personal data; and appointing a chief data protection officer charged with overseeing GDPR compliance. GDPR applies to any organization that handles or processes personal data belonging to EU residents. It establishes strict breach disclosure requirements, and when enforcement begins on May 25, 2018, will impose stiff fines for non-compliance. 

Keywords: [“data”,”personal”,”organization”]

GDPR News Center News for 08-25-2018

General Data Protection Regulation

GDPR takes effect on May 25, 2018, replacing existing EU data protection law. It will affect all EU organizations as well as organizations outside of the EU that offer goods or services to, or process personal data of, EU data subjects. OpenX has been preparing for GDPR since the beginning of 2017. Our early leadership in data protection and compliance allowed us to implement Data Processing Agreements across our exchange in October 2017. We have also reviewed and revised our data security and data protection protocols and policies across the company to comply with GDPR’s requirements. 

As a publisher-focused exchange, we act as a data processor for our publishers and developers. OpenX is committed to helping you understand and prepare for the General Data Protection Regulation. Check out our resources below to stay up to date on EU privacy policies. 

Keywords: [“data”,”protection”,”GDPR”]

A major focus of GDPR is on conditions of consent which have been strengthened. So companies will not be able to use vague or confusing statements to get you to agree to give them data. Firms won’t be able to bundle consent for different things together either. Another rule will make it mandatory for companies to notify their data protection authority about a data breach within 72 hours of first becoming aware of it. When it comes to user data, consumers will have more control. 

You will be able to access the personal data being stored by companies and find out where and for what purpose it is being used. This means you can ask whoever is controlling your data to erase it and potentially stop third parties processing it too. Another provision of GDPR allows people to take their data and transfer it to a different service provider. 

Keywords: [“data”,”consent”,”able”]


This FAQ and the links within provide a general overview of the EU General Data Protection Regulation. It is not intended as and shall not be construed as legal advice. Citrix does not provide legal, accounting, or auditing advice or represent or warrant that its services or products will ensure that customers or channel partners are in compliance with any law or regulation. Customers and channel partners are responsible for ensuring their own compliance with relevant laws and regulations, including GDPR. Customers and channel partners are responsible for interpreting themselves and/or obtaining advice of competent legal counsel with regard to any relevant laws and regulations applicable to them that may affect their operations and any actions they may need to take to comply with such laws and regulations. 

Keywords: [“Regulation”,”law”,”any”]

Senzing ER for GDPR Compliance: Discover the Missing Link Today

GDPR compliance is challenging organizations to respond quickly to data subject access requests. Senzing has developed a highly effective Single Subject Search solution to help companies reduce the costs, time and risks of answering data subject access requests. Senzing ER for GDPR offers a real-time solution for discovering Who is Who in your data. The vital first step every organization must take to become GDPR compliant. Without an effective way to quickly and reliably locate all citizen data, it will be difficult to become GDPR ready. 

Senzing ER for GDPR is an easy to use, effective and affordable Single Subject Search solution that enables you to manage search requests. Most EU companies aren’t ready for GDPR. Get the report with results from Senzing’s recent survey of more than 1,000 companies. 

Keywords: [“GDPR”,”Senzing”,”subject”]

GDPR Non-compliance Risks & Mitigation Strategies

ABOUT TRUSTARC. TrustArc powers privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions – addressing all phases of privacy program management. The foundation for our solutions is the TrustArc Privacy Platform which provides a flexible, scalable, and secure way to manage privacy. Our technology platform, fortified through six years of operating experience across a wide range of industries and client use cases, along with our services, leverage deep privacy expertise and proven methodologies which we have continuously enhanced through thousands of client projects over the past two decades. Headquartered in San Francisco, and backed by a global team, we help over 1,000 clients worldwide demonstrate compliance, minimize risk, and build trust. 

Keywords: [“privacy”,”client”,”TrustArc”]


It comes into effect on May 25, 2018, bringing with it a host of new obligations for those companies, and new privacy rights for their end users. Processing data can mean many things, from collecting data to storing and using it. Organizations large and small that process the personal data of EU-based individuals are now preparing for the new regulation, and Evernote is no exception. We believe that GDPR complements our existing data protection policies and processes, giving us a solid foundation and helping us maintain a strong commitment to data privacy. To help guide our readiness initiatives, Evernote actively collaborates with privacy experts from the Center for Democracy and Technology and the Future of Privacy Forum. 

Evernote continues to be EU-US Privacy Shield and Swiss-US Privacy Shield certified. 

Keywords: [“Data”,”privacy”,”GDPR”]

EU GDPR: The Right to be Forgotten

The EU General Data Protection Regulation, a landmark piece of legislation that will strengthen and unify data protection for individuals in Europe and beyond, now has an enforcement date – May 25, 2018. More specifically, the law stipulates that organizations must adhere to customers’ ‘right to be forgotten. Individuals can request the deletion of data about them. Companies will only keep data long-term to comply with retention policies or other acceptable reasons. Individuals must provide explicit consent for data about them to be held and processed. 

Companies must be able to provide evidence of individuals providing this knowing consent. Use these resources to expand your knowledge of the upcoming General Data Protection Regulation, including information on the ‘right to be forgotten’ requirement. 

Keywords: [“Data”,”individuals”,”provide”]

GDPR News Center News for 08-24-2018

General Data Protection Regulation

Here you can find the official PDF of the Regulation 2016/679 as a neatly arranged website. All Articles of the GDPR are linked with suitable recitals. The European Data Protection Regulation will be applicable as of May 25th, 2018 in all member states to harmonize data privacy laws across Europe. If you find the page useful, feel free to support us by sharing the project. Quick Access Important Issues Chapter 1 – General provisions Chapter 2 – Principles Chapter 3 – Rights of the data subject Chapter 4 – Controller and processor Chapter 5 – Transfers of personal data to third countries or international organisations Chapter 6 – Independent supervisory authorities Chapter 7 – Cooperation and consistency Chapter 8 – Remedies, liability and penalties Chapter 9 – Provisions relating to specific processing situations Chapter 10 – Delegated acts and implementing acts Chapter 11 – Final provisions. 

Keywords: [“Chapter”,”Data”,”provisions”]

General Data Protection Regulation Compliance

Commvault software integrates backup, recovery and archiving in a way that creates a single searchable pool of all your structured and unstructured data, no matter where it’s located. By simplifying information governance, Commvault gives you the visibility and control you need to meet your GDPR obligations. Identify the presence of personal data in all data locations. Automate special handling of information with standard data policies Support the export and erasure of personal data from all data sources. Maintain an auditable chain of custody on an individual’s personal data. 

Understand data leakage risk and speed up data breach analysis. By eliminating the need for multiple point products to manage your data, Commvault software does more than just lay a foundation for GDPR compliance – it also helps you improve operational efficiency, gain business advantage and boost employee productivity. 

Keywords: [“data”,”personal”,”Commvault”]


The documents in this section are offered to help churches comply with the General Data Protection Regulation which comes into force on 25 May 2018. It cannot cover comprehensively everything that any church might ever do with data but churches following this guidance should be well on their way to compliance. You will have heard a lot of concern about the need to obtain consent from data subjects. There are legal bases for processing data, other than consent, which have been included in the template Data Privacy Statement, and wherever possible it is recommended that the need to obtain consent is avoided. If you wish to collect or process Special Category Data you will need to obtain consent. 

A template consent form is included for this purpose. Further guidance is still expected from the Information Commissioners Office and this guidance will be added to or amended as becomes necessary. 

Keywords: [“Data”,”consent”,”obtain”]

GDPR Readiness « Sabre

The European Union General Data Protection Regulation is a data privacy law effective May 25, 2018, and will apply to any company, such as Sabre, that processes data for EU residents, regardless of the business location, in the context of the activities of the establishment. Changing our systems, contracts and processes to comply with the GDPR. Creating communication channels for continual updates. Participating on industry forums to develop common solutions with industry partners. Our customer expectations Think about the data minimization requirements, and please don’t provide more personal data than is needed. 

Appropriately prioritize data subject requests to ensure deadlines are met. Please respond quickly to new GDPR-related contract amendments. If you initiate it, please limit the language to that required by law, so that it may be completed quickly. 

Keywords: [“Data”,”please”,”quickly”]


Update: GDPR-friendly forms are now available for all MailChimp users. No matter what type of business you have or where in the world you’re located, chances are that you’ve heard a lot lately about the EU’s new data privacy law, the GDPR. As General Counsel. Last Tuesday, we announced in an email to our customers that MailChimp is adding single opt-in as an option for email lists, and making it the default setting in new and existing lists starting October 31. We’ve made an important change for MailChimp users located in the European Union: If your primary contact address. 

If your business is based in the European Union or you have customers or contacts in the EU, then you have probably heard of the General Data Protection Regulation by now. In this article, we’re going to cover a few things to keep in mind as GDPR approaches and provide you with the. 

Keywords: [“MailChimp”,”contact”,”Union”]

R U GDPR Ready?

There will be two levels of fines based on the GDPR. The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher. The potential fines are substantial and a good reason for companies to ensure compliance with the Regulation. The EU Parliament had requested for fines to reach €100 million or 5% of the company’s global annual turnover. 

The agreed fines are the compromise that was reached. Fines for infringements will be considered on a case-by-case basis and will take a number of criteria into consideration, such as the intentional nature of the infringement, how many subjects were affected and any previous infringements by the controller or processor. 

Keywords: [“fines”,”companies”,”infringement”]

GDPR News Center News for 08-23-2018

GDPR by Wizuda

The General Data Protection Regulation 2016/679) is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for EU citizens. The GDPR aims to give EU citizens back control and transparency over their personal data, how it is used, by whom and for what purpose. Under the GDPR, personal data must be processed lawfully, fairly and in a transparent manner. As the GDPR is a regulation, it is legally binding; if you’re not compliant with the regulation then you’re breaking the law. It builds on the previous Data Protection Acts bringing more relevance to the technologies of today, in a world where data has become one of the most valuable assets of organisations. 

It comes into force on the 25th of May 2018 at which time businesses who do not comply may face significant fines of up to €20m or 4% of global annual turnover, whichever is greater. 

Keywords: [“Data”,”Regulation”,”GDPR”]

General data protection regulation, GDPR

GDPR puts increased emphasis on data collection best practices, data controller transparency, and consumer choice – all of which play a meaningful role in the customer experience. With an eye toward customer experience, you may want to think about how the following GDPR principles affect your business efforts. Reduce unnecessary data collectionTake stock of the data you’re collecting. Provide the required notice for data collectionReview and update your current privacy notices, policies, and any information provided at data collection points. Remove unique identifiersConsider when to make some data anonymous or pseudonymous to help minimize compliance obligations and the risk of data and privacy breaches and claims. 

Fulfill data access and delete requestsUnderstand how your customer will reach out to you to make data access or delete requests. Know how to define internal data retention and deletion policies and procedures. 

Keywords: [“data”,”how”,”customer”]

Get GDPR compliant with Dynamics NAV – Dynamics NAV Team Blog

On May 25, 2018, a European privacy law is due to take effect that sets a new global bar for privacy rights, security, and compliance. The General Data Protection Regulation is fundamentally about protecting and enabling the privacy rights of individuals. The GDPR establishes strict privacy requirements governing how you manage and protect personal data while respecting individual choice-no matter where data is sent, processed, or stored. As mentioned in an earlier blog post, Microsoft is dedicated to helping our partners and customers meet the requirements of the GDPR. By May 2018, Dynamics NAV 2018, Dynamics NAV 2017, Dynamics NAV 2016, and Dynamcis NAV 2015 will be updated with tools to help you get GDPR compliant. 

The March cumulative updates have just been made available and provide the first round of updates for you. We have prepared a Dynamics NAV whitepaper that will help you prepare for compliance. 

Keywords: [“NAV”,”Dynamics”,”privacy”]

Protect passwords, IT accounts, privacy

As organizations race to adopt a DevSecOps model, eliminating security gaps in the DevOps environment and keeping user credentials secure are a top priority. Typical DevOps vulnerabilities include, embedded credentials in application environments, stored credentials in popular repositories, or shared private keys and credentials for fast access to source code. Join Thycotic Product Manager Dan Ritch as he explains how you can help assure proper credential security for your DevOps team with an automated privileged access solution. How to optimize your team’s DevOp’s environment to increase security without hindering their development and deployment schedules. An automated approach to remove hardcoded passwords and meet compliance without impacting workflow. 

How to integrate PAM security across each tool in the DevOps toolchain. PLUS: One lucky attendee will win a $50 Amazon gift card at the end of the webinar! 

Keywords: [“DevOps”,”credential”,”security”]

GDPR Logger

Christian is the man with the ideas and the architect behind the GDPR Logger. From the beginning the GDPR Logger is designed by Christian who continually devices smart new features that ensures the solution is cutting edge software. John is the developer behind the GDPR Logger and has been a part of the team form the beginning where he developed the engine. John is a true wizard that can create all the features our IT Architect thinks up. Kuno develops the UI parts of the GDPR Logger and ensure that everything is presentable. 

With his usual patentability he helps to ensure that the GDPR Logger looks as it should. The always happy Tom is, apart from being a member of the board, the man that creates our partner canal. Tom is a master of Excel and always up for a cup of coffee to create some business. GDPR Logger for Notes & Domino ensures that you are ready when the new Personal Data Regulation becomes enforceable. 

Keywords: [“Logger”,”GDPR”,”ensure”]


The new GDPR regulations are just weeks away and as the biggest shake-up in data protection regulation in decades, preparations are well underway at businesses up and down the country. Our conference has been designed to doublecheck your strategy against expert opinion to ensure you are on the right track to compliance. The GDPR is raising the bar to a higher standard for consent as well as making it easy for people to withdraw their consent. Don’t be fooled into thinking this is about marketing alone, GDPR affects every aspect of your business. This event explores some of the detail through the eyes of compliance specialists, marketing gurus and data protection experts. 

With the Information Commissioner’s Office providing its updated guidance in December ahead of the implementation of the regulations in May 2018, our conference is perfectly timed so you can be confident your business is compliant. 

Keywords: [“GDPR”,”dealer”,”data”]

GDPR News Center News for 08-22-2018

Roadmap: tools for GDPR compliance – Make WordPress Core

These tools will help site owners comply with the GDPR and other privacy laws and requirements. The site owners are able to select an existing page or create a new one. Core will also contain text that the site owners can use to create their policies. III. Add tools to core to facilitate compliance, and privacy in general. 

There are several plugins that are implementing similar tools. It would be great if the plugin authors participate/contribute to core to include the base tools, so we don’t double the efforts. These tools will require a confirmation of the email of the person that requests an action, see #43443. To export all personal data stored on the site, see #43438, #43440, #43547, #43547. Couple of tasks can be performed in core without additional tools. 

Having a specialized tools will enable plugins to hook into the performed actions and do their share. IV. Add documentation/help for site owners on how to use these tools. The documentation should be on the new Tools => Privacy screen. 

Keywords: [“site”,”tools”,”owner”]


Safe + Secure Nothing matters more to us than the security of your data. For over a decade now, Qualtrics has been the most secure platform on the market – and we’re staying that way. When the EU’s new General Data Protection Regulation come into force, we’ve got you covered. As part of those programs, a Privacy Impact Assessment – a key requirement of GDPR – has been performed and evaluated by an independent third-party assessor, so you can be confident your data is secure. Qualtrics has a Data Protection Impact Assessment that documents our handing of all your data, including personal data. 

Data correction Brand administrators can easily find and modify collected personal data to meet the ‘correction’ requirement of the GDPR. So, you’ll easily be able to modify an individual’s personal data should they request it. Right to be forgotten Brand administrators can permanently delete individual contacts and respondent personal data should an individual request it using a Subject Access Request. 

Keywords: [“data”,”Secure”,”personal”]

Snow GDPR Risk Assessment

Out-of-the-box reports cover common use cases, plus powerful data export functionality enables customisable reporting for answering questions to scenarios specific to each organization. Having discovery agents on 80% of an estate means 20% are potentially the greatest risk. An agentless scan can be a fast and effective way to fill the gaps in asset knowledge of devices and software. It is not good enough to know just software inventory. Knowing who has access to key software applications and data and who actually uses key applications will enable the tracing of users in the event of a security breach. 

A large proportion of security breaches are internal, either deliberate or through negligence. Deploying Snow’s GDPR solution will help identify who is responsible for a data breach and in some cases, enable preventative measures. Remain up to date with dynamic application intelligence. Snow’s Data Intelligence Service provides continuous updates and improvements on GDPR-relevant information. 

Keywords: [“data”,”application”,”software”]


Protecting and defending user privacy is at the heart of our work. From protecting user anonymity, to offering meaningful privacy and security controls, and our overall commitment to transparency, these are foundational principles and built into the core DNA of our company. We also partner with civil society, we stand up to governments and we continue to evolve our efforts around documenting our work. In preparing for GDPR, we formed a cross-functional team, made up of senior team members from across Twitter to make sure we are not only working towards GDPR compliance as an end in itself, but in a way that evolves our principles and overarching mission as a company. While our teams have been working on this behind the scenes, as the implementation date for the GDPR approaches, we will be making updates across our core product, policy, and operations. 

Our goal, as ever, is to meet our commitments to our users and to provide an industry-leading level of transparency and user control. 

Keywords: [“work”,”team”,”GDPR”]

Permission is everything

We manage data, risk and marketing for some of the UK’s biggest brands and financial institutions. From our unique perspective, we believe you will need to earn permission on three levels: data, brand and channel. If you hold data, you’ll need new levels of rigour and compliance. Review and audit data structures and identify personal data. Assess data quality to build a solid foundation for GDPR compliance and marketing activity. 

Create a single, consistent view of your data subjects. Brands must build trust and loyalty to retain existing customers and the permission to carry on the conversation with your audience. Channel and communications value audit and strategic recommendations. CRM strategies: 1:1 communications and programme design and application. Contextualising media strategies against new legislation. 

Connecting customer data across online and offline channels to create a single customer view. Conducting channel value audits and attribution application. 

Keywords: [“data”,”brand”,”channel”]

General Data Protection Regulation and Episerver

The GDPR will come into effect on May 25, 2018, replacing the current Data Protection Act in the biggest overhaul of data protection legislation in more than 25 years. The law will introduce new requirements for how organizations, both in the EU and abroad, process personal data. Companies collecting data on citizens of EU countries will need to adhere to strict new rules regarding the protection of customer data. The GDPR defines its requirements and rights granted to EU citizens in a document containing 99 articles. While companies collecting and storing customer data from citizens in the EU will need to address each of the articles to achieve compliance, some of the articles will have a greater impact on businesses than others. 

Instead, you should choose to see GDPR as an opportunity, as it levels the playing field for everybody, and the benefits will include better interactions, with the right message to the right people at the right time. 

Keywords: [“Data”,”right”,”citizens”]