Previously, personal data was owned by whoever collected it. With the introduction of the GDPR, personal data is now owned by the subject. GDPR creates a standardised set of expectations as to how your organisation must manage personal data in this new world.
GDPR has been described by some as being the most significant regulatory framework to hit companies since the Sarbanes-Oxley act. With a stated objective to “give citizens back control of their personal data and to simplify the regulatory environment for business” it will impact every single European individual who has shared their personal data with an organisation and every single organisation that holds information on any European individual.
Exonar simplifies GDPR compliance by getting right to the heart of the matter: Finding, Mapping and Managing your data.
How Exonar can help with GDPR
Data Subject Access Requests
Right To Be Forgotten
Meet the GDPR dashboard
Exonar’s GDPR dashboard provides a top-down view of your organisation’s information in relation to the EU GDPR.
It shows a comprehensive picture of all the data held which is relevant to GDPR, where it is held and its characteristics.
This view will take your organisation beyond spreadsheets and interviews, and into the realm of making well informed decisions, rapidly.
Exonar GDPR Workshops
Personalised and conducted at your offices, this session will deliver a phased and prioritised GDPR data management plan that can be actioned and will deliver results immediately.
We’ll share how others are organising their programmes and applying the Exonar methodology to deliver a prioritised plan for discovery and analysis that can be put into action quickly.
Data will be one of your primary concerns. The legal and operational requirements that GDPR places on companies are wide-ranging and impact everything from the people employed by the organisation, through to policies, processes and technology. GDPR is clear that individuals have a series of rights when it comes to how their data is collected, stored, used and disposed of by organisations. This means not only do business leaders have a lot to consider in making sure their organisation is able to fulfil their GDPR obligations, but that if they don’t understand where their data is, they won’t be able to comply.
The price is high for non-compliance
The large financial penalties of non-compliance have been frequently reported. However, the risk is far greater than one fine. With GDPR allowing individuals to take class actions against organisations that mistreat their data, any organisation that is subject to a data leak / hacking incident can expect to receive individual lawsuits which will not only increase the financial loss, but also consume vast amounts of time in settling individual litigation.
With this understanding in place, data management becomes the primary activity for any organisation under the GDPR.
Data management begins with discovery
What the GDPR forces business leaders to consider is where every single piece of personal data is across their IT estate – including the Cloud. Taken in this context, the question of the data that an organisation holds on individuals becomes a far more complex one to answer, and one that is going to require time, resource and budget. A thorough approach to data discovery, properly implemented, will lead you to data that you did not know about.
The EU GDPR
The Definitive, Easily Searchable Text
Full acknowledgement to the gdpr-info.eu project who have a neatly arranged, easily searchable PDF version of the General Data Protection Regulation (GDPR) including its recitals. The EU data protection reform was adopted by the European Parliament and the European Council on April 27th, 2016. The European Data Protection Regulation became applicable as of May 25th, 2018 and replace the Data Protection Directive.