The General Data Protection Regulation (GDPR) is a new European legislation that will strengthen and unify data protection for all individuals within the European Union (EU). It aims to protect all EU citizens from privacy and data breaches in an increasingly data-driven world.
Apogee works with organisations to develop a tailored strategy for GDPR compliance based on their current data management and processes, and future data activities. There is no one-size fits all solution. Below are 4 initial tactics Apogee can help to employ in order to assist your organisation work towards GDPR compliance.
Data mapping is a broad term that can mean different things to different organisations, but commonly there are two main strategies for establishing where the data actually resides:
Data lifecycle scoping
Building on data mapping by creating a shortlist of possible locations where the data will likely be found, taking into account all stages of document lifecycle from creation/input through to destruction of data.
Define data sets
Establishing what data is personal vs business, through discussion with internal policy makers and stakeholders (Legal, IT, Compliance, Risk).
Structured data searches
Specialist software is then used to search the identified data for PII using a combination of techniques:
Effectively implementing these 4 tactics will work towards GDPR compliance, however, there are other strategies that Apogee can help utilise that will be needed in order to ensure your organisation is fully compliant.
GDPR will be introduced on 25th May 2018 and non-compliance by this time will incur heavy fines. Make sure your organisation isn’t at risk by getting in touch today to understand all the tactics that Apogee can help with before significant financial penalties are imposed.
Share this article: