GDPR implementation compliance plan
 


 

A SUMMARY OF WHAT YOU NEED TO KNOW

• There is a two-year transition period for implementation – the law will apply in the spring of 2018!

• Companies will have to appoint a DPO (Data Privacy Officer), who is responsible for advising on and monitoring GDPR compliance, and is a point of contact for the authorities.

• Data authorities and consumers must be notified within 72 hours after the discovery of a breach.

• Local data authorities will have additional resources to investigate and audit data controllers, and processors and their sub-contractors. A new European Data Protection Board will act as a super data authority to handle disputes between authorities.

• A tiered penalty framework with fines of up to 4% of global annual turnover (or €20,000,000, whichever is higher) for more serious violations, and up to 2% (or €10,000,000) for other violations, such as failing to notify a data authority about a breach.

• Beware! Data controllers and processors are not the only ones responsible… sub-contractors may also be penalised in the event of a violation.

GDPR compliance date – 25th May 2018

WHAT’S THE GDPR TRYING TO ACHIEVE?

• The harmonisation of European data protection rules and regulation with a single law, and consistent enforcement.
• To establish the right to personal data protection
• An improved framework for the European Digital Single Market
• To encourage innovation while ensuring a high level of protection for citizens

ACTIONS TO TAKE AT ONCE

• Identify where personal data is located (NAS, SharePoint, Cloud, etc.)

• Delete global accesses and overexposed data

• Apply a least privilege model

• Monitor and audit data access and permission changes

• Set up automatic alerts for incident response and remedies

• Increase security with machine learning and user behaviour analytics (UBA)

• Establish data retention procedures and systems so that data is not stored longer than necessary

BROOKCOURT CAN ASSIST WITH:

• DatAlert: User Behaviour Analytics
• DatAdvantage: Data Audit & Protection
• Data Transport Engine: Data Retention & Migration
• Data Classification Framework: Sensitive Content Discovery
• DataPrivilege: Data Access Governance

e: contact@brookcourtsolutions.com
t: 01737 886111  
