iSecurity is a leading solution for Power i, iSeries and AS/400 security.
GDPR Compliance

iSecurity Compliance with PCI, SOX, HIPAA…and now, GDPR

General Data Protection Regulation (GDPR) Facts

What is it? GDPR is a regulation which has been passed by both the EU Council and Parliament.

When does it take effect? GDPR takes effect on May 25, 2018, following a 2-year transition period, which began at the end of April 2016, for companies to comply with GDPR.

What must be protected? Any personal data or data which can be used to uniquely identify a person must be protected.

What is considered to be a data breach? A data breach is defined as: accidentally losing data, losing data to cybercriminals, destroying or changing personal information, unauthorized disclosure of personal data, unprotected access to personal information and more.

Which data is affected? Data in motion (i.e. data transmissions), data at rest (i.e. stored data) and processed data are all affected.
 
What should be done if a data breach is discovered? Data breaches should be reported to the relevant authorities and to the people involved, both within a specific time period.

Which companies outside the EU are affected? Companies which are not in the European Union (EU) but do business in the EU or operate in the EU are affected by GDPR.

So what should a company do now? According to Article 32 sub-paragraph 3 (see page 63), encrypting personal data can potentially relieve companies which have and manipulate personal data of some notification requirements. This is based upon Recital 23 on page 23, which states: “The principles of data protection should not apply to data rendered anonymous in such a way that the data subject is no longer identifiable.”

What are the penalties? Not protecting sensitive data with encryption is considered to be a severe violation with a potential fine of up to 1M euro.

How can Raz-Lee’s iSecurity suite of security, encryption, auditing and compliance solutions help attain GDPR compliance? The iSecurity suite of products is currently helping companies worldwide to comply with the regulations which are relevant to them: PCI-DSS, Sarbanes-Oxley (SOX), FDA CFR Part 11, HIPAA, and other regulations.

Let Raz-Lee help your company become (and remain!) GDPR-compliant; contact us at marketing@razlee.com.


Copyright © 2009 Raz-Lee Security. All rights reserved  