The new General Data Protection Regulation (GDPR) is now here. Tomorrow, 25th May, will see this much talked about statute on personal data in the European Union come into full effect.
We have spent months making sure we are up to speed on it so as to prepare for and comply with the new requirements that we will all have to meet. Though, at this stage we are aware that we all have an in-depth knowledge of its terms.
So, in this post, we want to move away from the theoretical side and give you some help with the best practical tools.
This post is also available in Spanish.
Just a few weeks ago, Twitter advised its users to change their passwords because of an error that allowed a list of all those passwords to be accessed in its internal system. Zuckerberg recently admitted a security flaw in Facebook and promised to restrict data access.
With these high-profile cases in mind, we're all happy with the work of EU regulators who for years now have been concerned with the use and control of personal data in the digital world.
Brussels’ main objective is to provide users with greater control over the how companies and public bodies use their personal data. But we all know that moving from the theory to the practical can be difficult at first so that's why we've put together this list of the best tools to help you with the job.
TRUSTe GDPR Rediness Assessment: GDPR assessment tool
This tool from the International Association of Privacy Professionals consists of more than 60 questions mapped to the key requirements of GDPR. It produces an analysis of failings with recommendations on how to correct them.
The assessment tool is cloud based and does not require any software downloads. IAPP members can activate a free account. It can be integrated into several applications and storage ecosystems such as Amazon Web Services and Alibaba Cloud.
Neo4j: GDPR implementation tools
This is a graph solution that gives visibility to an organization's data and the connections between data. Personal data may be held in many applications and in many locations across the company and the cloud. They must be protected and managed in every location.
Organizations must be able to trace data over its life cycle, from acquisition to deletion. The connections between data over multiple systems and data silos must be understood in order to trace and control data.
The Neo4j native graph database offers visibility as well as analytics and data integration. It is available as a download or an online tool.
BigID BigOps: GDPR maintenance tools
This scanning tool uses machine learning to continuously track changes in personally identifiable information across production and development environments in the data centre and the cloud.
Machine learning allows the software to understand known personal data and its context, and then discover and catalogue all the personal data in the data stores.
It integrates into automation frameworks such as Jenkins to monitor changes in the data over the development life cycle, helping to ensure it remains compliant with GDPR requirements.
It also helps with requirements to data breach responses, by allowing an organization to compare its data with stolen data dumps to determine if there has been a breach within minutes.
To help its clients tackle the upcoming General Data Protection (GDPR) rules, Microsoft announced the launch of a series of new data protection and compliance tools across its whole product range in a blog on Thursday.
The EU's GDPR norms set standards on how companies can use and store their clients' personally identifiable information (PII). It applies to companies based in the EU and those that use EU residents' data.
Using these tools could help Microsoft clients, especially those who rely heavily on Azure public cloud services, comply with GDPR standards before the 25th May 2018 deadline.
The first piece of the puzzle is the general availability of Microsoft Compliance Manager to Azure, Dynamics 365 and Office 365 Business and Enterprise clients on public clouds, according to the statement. Compliance Manager works with Microsoft cloud services to help clients make sure they meet standards such as GDPR.
For example, it details how to protect confidential data stored on Office 365 services., and includes recommendations on how to discover, classify, protect, and monitor personal data.
Mailchimp: Email Marketing tools
Mailchimp is doing a great job at explaining what they are doing to adapt to the law in a very good guide. They offer a series of security tools which their clients can implement to add additional layers of protection to their accounts.
For example, GDPR grants individuals greater rights over the use of their personal data, including the right to request it be deleted. As such, it is forecast that companies will see a higher level of subscription cancellations.
And the only real way of avoiding that is by offering the audience quality content to ensure they stay interested, with MailChimp makes it much easier and quicker to process those requests.
One of the fundamental premises of GDPR is that users give their unambiguous consent prior to their data being processed in the event that there is no other lawful basis for processing. The key lies in who, how and when this consent is given.
That's why we have launched the eConsent tool, the first "all in one" tool for acquiring proven consent to process and store personal data.
eConsent offers four modules depending on the needs of each company. Each of these modules demonstrates with full validity and in a transparent and non-intrusive way that the owner of the personal data has given their consent in accordance with GDPR.
Find all information about eConsent on > Solutions to obtain consent in accordance with the new GDPR
Although it may be difficult to predict today what impact the implementation of GDPR will have, we must all be ready, whatever happens, we must be sure that we fully understand the legislation, and have all the digital tools in place to make compliance straightforward.This post is also available in Spanish.