Today, personal data is owned by whoever collects it. Post GDPR, personal data is owned by the subject. GDPR creates a standardised set of expectations as to how your organisation must manage personal data in this new world.
GDPR has been described by some as being the most significant regulatory framework to hit companies since the Sarbanes-Oxley act. With a stated objective to “give citizens back control of their personal data and to simplify the regulatory environment for business” it will impact every single European individual who has shared their personal data with an organisation and every single organisation that holds information on any European individual.
Exonar simplifies GDPR compliance by getting right to the heart of the matter: Finding, Mapping and Managing your data.
How Exonar can help with GDPR
Data Subject Access Requests
Right To Be Forgotten
Meet the GDPR dashboard
Exonar’s GDPR dashboard provides a high-level view of an organisation’s information in relation to EU GDPR law.
It shows an overall picture of all the data held by an organisation, which is subject to GDPR, where it is held and its characteristics.
This approach takes organisations beyond spreadsheets and interviews, and into the realm of making well informed decisions, rapidly.
Exonar GDPR Workshops
Personalised and conducted at your offices, this session will deliver a phased and prioritised GDPR data management plan that can be actioned and will deliver results immediately.
We’ll share how others are organising their programmes and applying the Exonar methodology to deliver a prioritised plan for discovery and analysis that can be put into action quickly.
Data will be one of your primary concerns. The legal and operational requirements that GDPR places on companies are wide-ranging and will impact everything from the people employed by the organisation, through to policies, processes and technology. GDPR is clear that individuals have a series of rights when it comes to how their data is collected, stored, used and disposed of by organisations. This means not only do business leaders have a lot to consider in making sure their organisation is ready to fulfil their GDPR obligations, but that if they don’t understand where their data is, they won’t be able to comply.
The price is high for non-compliance
The large financial penalties of non-compliance have been frequently reported. However, the risk is far greater than one fine. With GDPR allowing individuals to take class actions against organisations that mistreat their data, any organisation that is subject to a data leak / hacking incident can expect to receive individual lawsuits which will not only increase the financial loss, but also consume vast amounts of time in settling individual litigation.
With this understanding in place, data management becomes the primary activity for any organisation getting ready for GDPR.
Data management begins with discovery
What GDPR forces business leaders to consider is where every single piece of personal data is across their IT estate – including the Cloud. Taken in this context, the question of the data that an organisation holds on individuals becomes a far more complex one to answer, and one that is going to require time, resource and budget. A thorough approach to data discovery, properly implemented, will lead you to data that you did not know about.