GDPR News Center News for 10-23-2018

Box GDPR Compliance

With the General Data Protection Regulation just around the corner, we’re committed to being GDPR-ready by May 25, 2018, so that our customers can use Box with GDPR compliance in mind. At Box, we meet the highest bars possible for data privacy, as well as support organizations using Box while meeting data privacy obligations across the globe. With Box, every company – regardless of location or data privacy obligations – can work as one. 

Keywords: [“Box”,”Data”,”privacy”]
Source: https://www.box.com/gdpr

» Organisations

The General Data Protection Regulation very significantly increases the obligations and responsibilities for organisations and businesses in how they collect, use and protect personal data. At the centre of the new law is the requirement for organisations and businesses to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities. 

Keywords: [“Data”,”personal”,”how”]
Source: http://gdprandyou.ie/organisations/

General Data Protection Regulation Consulting & Compliance Services

Create a pragmatic roadmap and facilitate data compliance by evaluating current security practices against GDPR requirements. GDPR consulting tailors appropriate security measures to your organization’s requirements. Avoid new vulnerabilities with ongoing security testing, assessments and exercises. Implement security controls and processes to patch gaps and help to maintain a GDPR-compliant security posture. 

Keywords: [“security”,”GDPR”,”requirements”]
Source: https://www.secureworks.com/services/security-consulting/controls-compliance/gdpr

Protect Personal Data on Your Website

Manually searching for data across your digital presence is a tedious task. With Siteimprove GDPR, you save that time by automatically locating the personal data you handle online-think names, ID numbers, cookies, and more. Now you have the power to pinpoint and remove that data across your website, minimizing the risk of fines and other legal consequences on your way to GDPR compliance. 

Keywords: [“data”,”across”,”GDPR”]
Source: https://siteimprove.com/en-us/gdpr/

Data Protection and Complying with GDPR Laws

It’s no longer just about finding and securing data: it’s about proactively capturing the full context of data, classifying what level of security is needed, establishing and adhering to the necessary controls, and implementing ongoing best practices to ensure data is managed safely and successfully. Collibra provides the necessary foundation for any successful cyber security program. 

Keywords: [“data”,”Collibra”,”security”]
Source: https://www.collibra.com/data-governance/data-protection/

EU General Data Protection Regulation

FastSpring is compliant with the EU General Protection Regulation. Our ecommerce platform is capable of conducting business with all EU-based customers online store. FastSpring complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. 

Keywords: [“FastSpring”]
Source: https://fastspring.com/gdpr/

GDPR Compliance and Elasticsearch

Mike joined Elastic in 2016 from Prelert, where he’d been VP of Products for Prelert’s machine learning technology. Mike’s focus at Elastic is to help users and customers succeed with security-related applications of the Elastic Stack. Starting his career as an ASIC designer, Mike has led the development of SIEM, network IPS, DDoS Defense, and network monitoring solutions. 

Keywords: [“Elastic”,”Mike”,”network”]
Source: https://www.elastic.co/webinars/gdpr-compliance-and-elasticsearch

GDPR Compliance and Elasticsearch

Mike joined Elastic in 2016 from Prelert, where he’d been VP of Products for Prelert’s machine learning technology. Mike’s focus at Elastic is to help users and customers succeed with security-related applications of the Elastic Stack. Starting his career as an ASIC designer, Mike has led the development of SIEM, network IPS, DDoS Defense, and network monitoring solutions. 

Keywords: [“Elastic”,”Mike”,”network”]
Source: https://www.elastic.co/webinars/gdpr-compliance-and-elasticsearch

Data Mapping May Be the Hardest Part of GDPR Compliance

K Royal is in the business of making sure companies are compliant with the European Union’s General Data Protection Regulation. As senior director of privacy at compliance and security company TrustArc Inc., she helps organizations bridge the gap between knowing they must fully follow the GDPR, and actually crossing the finish line. 

Keywords: [“company”]
Source: https://www.law.com/corpcounsel/2018/08/15/data-mapping-may-be-the-hardest-part-of-gdpr-compliance/

Data Mapping May Be the Hardest Part of GDPR Compliance

K Royal is in the business of making sure companies are compliant with the European Union’s General Data Protection Regulation. As senior director of privacy at compliance and security company TrustArc Inc., she helps organizations bridge the gap between knowing they must fully follow the GDPR, and actually crossing the finish line. 

Keywords: [“company”]
Source: https://www.law.com/corpcounsel/2018/08/15/data-mapping-may-be-the-hardest-part-of-gdpr-compliance/

eBay Inc.

The General Data Protection Regulation is a comprehensive update to existing European Union laws that goes into effect on May 25, 2018. The GDPR was designed to harmonize data privacy laws across Europe, to protect and empower all EU resident’s data privacy and to reshape the way organizations across the region approach data privacy. 

Keywords: [“Data”,”privacy”,”across”]
Source: https://www.ebayinc.com/our-company/privacy-center/gdpr/

Analytics Platform

Matomo GDPR services We offer solutions and services to help you have a Matomo configuration ready for GDPR compliance. As the world leaders when it comes to privacy and customer data, we are looking forward to providing you support for our analytics platform which helps you achieve GDPR compliance easily. 

Keywords: [“GDPR”,”compliance”,”help”]
Source: https://matomo.org/gdpr/

General Data Protection Regulation

The General Data Protection Regulation, the world’s most expansive data privacy law, takes effect May 25, 2018. Any group that processes the personal data of European residents must comply with the new law. Non-compliance can result in fines up to €20million or 4% of annual turnover, whichever is higher. 

Keywords: [“Data”,”law”]
Source: https://www.veritas.com/gdpr

GDPR Compliance in 5 minutes

General Data Protection Regulation has created a wealth of uncertainty around compliance for marketers. This 5 minute summary explains the core principals for GPDR, what it means for inbound and outbound marketing and how to make web forms compliant. 

Keywords: [“marketers”]
Source: https://www.youtube.com/watch?v=cBRUYUheTTs

GDPR Compliance in 5 minutes

General Data Protection Regulation has created a wealth of uncertainty around compliance for marketers. This 5 minute summary explains the core principals for GPDR, what it means for inbound and outbound marketing and how to make web forms compliant. 

Keywords: [“marketers”]
Source: https://www.youtube.com/watch?v=cBRUYUheTTs

GDPR News Center News for 08-26-2018

GDPR Readiness, Assessment & Compliance

WHO: Enterprises that offer goods or services within the EU as well as enterprises that monitor EU subjects’ behavior within the EU. WHAT: New data privacy mandates have been issued by European Union regulation. WHEN: GDPR compliance must be achieved by 25 May 2018. WHERE: Includes any organization in the world if it retains or processes information on any citizen in the EU. WHY: To better protect any individual’s personal information, to secure rights for the individual over that collected information, and to force enterprises to follow a uniform scheme for data protection. 

HOW: Follow ISACA’s privacy guidance on how best for your enterprise and its staff to assess your unique data protection needs and meet the GDPR compliance standards set by the EU.. 

Keywords: [“enterprise”,”information”,”any”]
Source: https://www.isaca.org/info/gdpr/index.html

Data Security Issues, Risks, Trends, and Concerns

Less than a third of companies are prepared for the GDPR. HAVE A PLAN AND STICK TO IT. If you have checked your compliance and audited your data, you should know what you process, on what legal grounds, who has access and understand the lifecycle of captured personal data. The next step is to implement data protection by design, and by default. Incident Response/Breach notification response plan. 

HOW WE CAN HELP. Thales are specialists in encryption solutions, protecting your data wherever it is in your digital estate. Use our experts to conduct a health check on your organisation to assess your GDPR readiness. Then deploy the Thales eSecurity Accelerator Pack, using our proven technologies to secure critical database or file systems in less than two days. 

Keywords: [“data”,”GDPR”,”Thales”]
Source: https://gdpr.thalesesecurity.com

GDPR

It’s essential that you review your approach to governance and data protection and plan your compliance now. Get all the key people onboard, update the relevant policies and procedures and develop any that are missing. Rather than aiming to be completely compliant by 25 May 2018, it’s realistic to have a ‘roadmap’ of how you are going to achieve complete compliance. A good starting point is to introduce a transparent data processing statement, or privacy statement, for all your clients. The ICO website provides more information about privacy statements with examples of good and bad privacy notices. 

Identify and document your legal basis for doing these. InternationalIf you operate internationally, make sure you know which supervisory authority you come under for data protection. 

Keywords: [“data”,”how”,”GDPR”]
Source: https://www.bacp.co.uk/about-us/contact-us/gdpr

GDPR Webinar

GDPR, less than a year away should be on every business’s radar. Our free webinar will share with you the key things to be aware of to help prepare your business for the May 2018 regulation. This may seem a while away, but the regulations will affect all businesses, so now is the time to start planning and putting things into place. Our one hour free GDPR Webinar is downloadable today. This webinar which was live has been created as a useful downloadable resource and includes lots of questions and answers asked by businesses like you. 

Speakers on this webinar were Adriaan Bekker and David Smart from Softwerx plus Karen Cole from RIAA Barker Gillette. Softwerx has helped a number of organisations throughout the UK increase their knowledge of GDPR and become better prepared. 

Keywords: [“webinar”,”GDPR”,”Softwerx”]
Source: https://www.softwerx.com/resources/gdpr-webinar

GDPR US Firms Whitepaper Landing Page

Due to the constantly changing digital world, the EU took a major step to protect their citizen’s personal data and privacy rights by passing the EU General Data Protection Regulation. Not only firms based in the EU must abide to this regulation. Any firm that does business in the EU or monitors the behavior of EU data subjects needs to comply with the regulation. For US based firms that do business in the EU, it is crucial to understand the regulation and address the key challenges to ensure that your firm is GDPR compliant. Key terms and definitions relating to the GDPR. 

Key challenges ahead. how the GDPR affects how you store data in the cloud. Solutions to complying with the GDPR. How the GDPR will fit with the EU-US Privacy Shield. 

Keywords: [“GDPR”,”firm”,”Regulation”]
Source: https://www.eci.com/resources/lpg/GDPR_US_Firms.html

GDPR for marketers: best practice, tips and case studies

The new EU General Data Protection Regulation comes into force on 25th May 2018, however only 54% of businesses expect to meet that deadline. Econsultancy is investigating GDPR from a marketer’s persective, highlighting the specific aspects of the new regulation that require your attention. As always we aim to cut through the jargon and present the important details in plain English, and where possible highlighting examples of best practice to help put things in context. All our resources are listed here – this page will be frequently updated with new articles and reports so make sure to check back in future. Econsultancy offers comprehensive online GDPR training, as well as a one-day face-to-face GDPR training course designed to bring marketers up-to-speed. 

Keywords: [“GDPR”,”marketers”,”new”]
Source: https://econsultancy.com/hello/gdpr-for-marketers

Prepare for GDPR Compliance

GDPR establishes the many measures organizations must take to protect personal data belonging to residents of the EU. These measures include: understanding what personal data an organization handles and where this data resides; performing risk assessments to gauge an organization’s exposure to accidental or unlawful loss of this data; implementing various technical and organizational controls to protect personal data; and appointing a chief data protection officer charged with overseeing GDPR compliance. GDPR applies to any organization that handles or processes personal data belonging to EU residents. It establishes strict breach disclosure requirements, and when enforcement begins on May 25, 2018, will impose stiff fines for non-compliance. 

Keywords: [“data”,”personal”,”organization”]
Source: http://www.rsa.com/en-us/solutions/gdpr-compliance-with-rsa

GDPR News Center News for 08-21-2018

WordPress GDPR Compliance plugin

May 7th, 2018: v1.3 is out! Enabling your visitors to request access to their data and deleting it if they wish to do so. GDPR is a European privacy regulation allowing visitors more direct control over their personal data. Signing up for a newsletter for example or leaving a comment on a site means your email address and possibly your IP are both stored for future reference. Under GDPR visitors can at any time request access to their stored personal data. 

Ask for an export of all that data or for it all to be deleted. To start off with all functionality needed we integrated with several external plugins, as of v1.3: Contact Form 7, Gravity Forms, WooCommerce and WordPress Comments. Making it easy to add a consent checkbox and to keep a consent log. Adding checkboxes to supported plugins for explicit visitor consent. ‘Right to access’ through encrypted audit logs. ‘Right to be forgotten’ by anonymising user data. We’ll continue to give you increasingly more tools to comply with privacy regulations. 

Check out our development roadmap to find out when we’ll support your favourite plugin. 

Keywords: [“data”,”visitor”,”GDPR”]
Source: https://www.wpgdprc.com

Data Protection/EU GDPR Compliance

The EU General Data Protection Regulation will supersede all EU member states’ current national data protection laws based on the 1995 Data Protection Directive on 25 May 2018. Non-compliant organisations face considerably greater penalties under the Regulation than under current data protection laws – up to 4% of annual global turnover or €20 million. Data subjects will have the right to seek judicial remedies against data controllers and processors, as well as the right to obtain compensation for damages occurring as a result of GDPR breaches. If you’re undertaking a GDPR compliance project, IT Governance can provide everything you need. An ISO 27001-compliant ISMS should be the starting point for all organisations seeking to demonstrate that they have implemented these measures. 

We’ve been helping organisations implement ISO 27001 for over a decade, and have led more than 400 certifications to date. What’s more, we offer a 100% guarantee of successful certification. Here are a few ways we can help meet your GDPR compliance needs. 

Keywords: [“Data”,”Protection”,”GDPR”]
Source: https://www.itgovernance.eu/eu-gdpr-compliance

Marketing Data and GDPR Compliance cartoon

I just returned from a two week book tour with marketers in the UK and Norway. If there was one topic that overshadowed most marketing conversations, it was GDPR. The EU’s General Data Protection Regulation is the sweeping new EU regulation on marketing data that will impact any company that offers goods or services to EU residents or tracks them for analytics or advertising purposes. The regulation goes into affect in May 2018 and penalties are severe. While the awareness is lower outside of Europe, GDPR has massive implications worldwide. 

One study by Veritas Technologies said that 47% of global organizations have doubts they’ll meet the compliance deadline and 20% fear that GDPR could put them out of business. Another study reported that GDPR will make 75% of UK marketing data obsolete. Order Now GDPR fundamentally transforms how companies have to handle personal data. As GDPR awareness leads to panic and eventually to action, it will be interesting to see the impact on marketing and working with personal data in 2018. 

Keywords: [“Data”,”marketers”,”GDPR”]
Source: https://marketoonist.com/2017/10/gdpr.html

GDPR Assessment Programme

The General Data Protection Regulation becomes enforceable on the 25th May 2018 and will have a profound impact on the way your organisation handles its customer and other personal data. Fines for data breaches will be increased massively up to 4% of global turnover. Organisations must not delay with many needing to change business processes and technical systems to be able to meet and demonstrate compliance. Ensure you are ready before your competitors and benefit from increased trust with your customers and new commercial opportunities. The GDPR RADAR from DQM GRC is a unique assessment of your organisation that will score your current readiness against the new regulations, help you understand where you need to improve and develop a bespoke programme to get your organisation to where you need to be. 

Not only will GDPR RADAR be the fastest and most efficient way to get compliant but leading business insurance firm QBE will offer up to a 25% reduction on their Cyber Insurance policy to our GDPR RADAR customers. 

Keywords: [“organisation”,”RADAR”,”GDPR”]
Source: https://www.dqmgrc.com/gdpr

gdpr-compliance – Make WordPress Core

These tools will help site owners comply with the GDPR and other privacy laws and requirements. The site owners are able to select an existing page or create a new one. Core will also contain text that the site owners can use to create their policies. II. Create guidelines for plugins on how to get GDPR compliant. 

III. Add tools to core to facilitate compliance, and privacy in general. There are several plugins that are implementing similar tools. It would be great if the plugin authors participate/contribute to core to include the base tools, so we don’t double the efforts. These tools will require a confirmation of the email of the person that requests an action, see #43443. 

To export all personal data stored on the site, see #43438, #43440, #43547, #43547. Couple of tasks can be performed in core without additional tools. Having a specialized tools will enable plugins to hook into the performed actions and do their share. IV. Add documentation/help for site owners on how to use these tools. 

Keywords: [“site”,”tools”,”owner”]
Source: https://make.wordpress.org/core/tag/gdpr-compliance

GDPR News Center News for 05-09-2018

Survey shows that many organizations may miss GDPR deadline

A recent General Data Protection Regulation readiness survey undertaken by the specialist law firm, Technology Law Alliance, shows that only 18 percent of UK and multi-national organizations are ‘highly confident’ that they will meet the deadline next May, for compliance with the new GDPR. The survey results showed that the biggest challenges which organizations face, are dealing with the large number of systems on which data is stored and processed, and the lack of internal resource and know-how about GDPR. With the ‘high confidence’ figure for GDPR compliance by 25th May 2018 being at such a low level, one would assume that this would have the attention of the boards of the respective organizations. Only 51 percent of organizations indicated that regular board level reporting was being undertaken in respect of GDPR readiness, despite survey responses showing that 78 percent of organizations regard GDPR compliance as more important than other compliance programmes. In terms of what organizations are actually doing to prepare for GDPR, 89 percent of respondents indicated that their organizations were involved in some form of data mapping or data flow activity. Only 41 percent had a detailed GDPR compliance plan in place. Although the survey results revealed that there are clear challenges which GDPR compliance is imposing on organizations, over three-quarters of organizations saw GDPR compliance as a positive initiative. Organizations cited reasons such as: helping them focus more clearly on the way in which data is used internally; becoming more transparent with individuals with regard to use of their data; and improving security within their organizations.

Keywords: [“organizations”,”GDPR”,”compliance”]
Source: http://continuitycentral.com/index.php/news/erm-news/2471-survey-shows…

GDPR consent updates spark chilling warning to brands

“Brand owners preparing for tighter rules on marketing consent – contained in the new EU data protection laws – have been sent a chilling warning after both airline Flybe and car giant Honda have been whacked with fines for contacting customers who were off limits, under the guise of updating their databases.While the Information Commissioner’s Office said it recognises that companies will be reviewing how they obtain customer consent for marketing to comply with the EU General Data Protection Regulation coming into force in May 2018, head of enforcement Steve Eckersley said:”Businesses must understand they can’t break one law to get ready for another. Sending emails to determine whether people want to receive marketing without the right consent, is still marketing and it is against the law. “In Flybe’s case, the company deliberately contacted people who had already opted out of emails from them.” GDPR compensation to dwarf £30bn bill for PPI claimsHalf of all firms still not compliant with 1998 data laws. Data compensation claims ‘could run into millions’Major ICO recruitment drive to prevent GDPR meltdownCancer Research UK aims to be GDPR compliant by JulyDogs Trust signs deal to secure GDPR complianceTen crucial steps to tackle GDPR compliance anxietyFinal data countdown: 16 months to save your businessRead it and weep: ICO offers latest GDPR guidanceConsumers back GDPR to make their data safer. 7,000 data protection officers needed for UK firmsEU data reforms: the top 5 issues for marketers. To get full access to the site please register – it takes less than a minute and is free of charge. You will also get our weekly email update The DM Report.

Keywords: [“data”,”GDPR”,”marketing”]
Source: http://www.decisionmarketing.co.uk/news/gdpr-consent-updates-spark…

Privacy notices in the GDPR era

The European Union’s new general data protection regulation mandates strict protection requirements over personal data concerning EU citizens. Retailers that offer financial services may have to think extra hard about how they manage personal data. Equifax Inc, the US based consumer credit reporting agency, offers identity theft protection as well as fraud prevention products. Steve Martin, Data Protection Officer at Equifax highlights the importance of a consistent approach to making privacy notices understandable and accessible, in the GDPR era. “Data sharing and analysis can bring huge benefits to consumers, but raises concerns about how personal information is used, and who can access it. The new general data protection regulation will apply to the UK from May 2018 and emphasises the need for transparency over how personal data is used. It’s a major development designed to provide new rights for individuals, and also strengthens some of the rights that exist under current legislation.” “A core element of GDPR is to ensure companies communicate clearly with consumers, with important provisions around privacy notices detailing how a company manages data. To achieve the regulation’s objective of better communication with consumers, it’s vital that financial service providers work together to agree common wording for these notices.” “Our industry is notorious for using too much jargon and the changes GDPR brings are an opportunity to improve the public’s understanding of how their personal information is used and kept safe, and their rights to access, control and correct information held on file.”

Keywords: [“data”,”personal”,”protection”]
Source: https://news.retailrisk.com/news/privacy-notices-gdpr-era-comment…

WFA GDPR Guide for Marketers

In a recent survey of WFA members, 94% of companies said that the General Data Protection Regulation was important for their organisation. 70% said that marketers in their organisation were not fully aware of the implications of GDPR for future marketing campaigns. To address the knowledge gap, the WFA has created a new GDPR Guide for Marketers, which has been compiled in conjunction with global privacy and cybersecurity legal experts Hunton & Williams. As of May 2018, GDPR will require multinational companies to make major changes to the way they collect and process consumer data. This is likely to have a big impact on marketers who rely on consumer data for carrying out targeted and effective marketing campaigns. GDPR applies to any company which offers goods or services to consumers in the European Union or monitors the behaviour of people in Europe. This means that most global companies will be affected, even if their headquarters are not based in Europe. Companies could be faced with big fines if they don’t comply. These fines could reach up to 4% of a company’s annual global turnover, which for Global 500 companies could mean fines ranging from $800 million to as high as $19.2 billion. The guide sets out five things every brand owner should know about GDPR and it’s designed to help marketers understand what GDPR means for their day-to-day work. It builds upon insights gathered through the WFA’s Digital Governance Exchange forum, which brings together senior experts from a broad range of functions, including marketing, legal, public affairs and compliance to discuss digital governance challenges facing companies in a data-driven, hyper-connected world.

Keywords: [“company”,”marketers”,”GDPR”]
Source: https://www.wfanet.org/news-centre/gdpr