3 easy steps to comply with General Data Protection Regulation (GDPR)
Carolina Marino Sargeant
Subject Matter Expert, Security
We are now only seven short months away from when the General Data Protection Regulation (GDPR) comes into full force. Even though it is a new regulation, its content is not completely new. It offers a consolidation of many privacy laws. It will take some initial work for companies to adapt themselves, but in the end, it will make compliance and enforcement much easier across borders.
In one of my previous blog posts, I shared 5 things companies need to know about GDPR. One of these facts is that GDPR applies to any company holding data on EU citizens, regardless of the company’s location. The fines are heavy enough to convince companies of all sizes to make changes.
But what is it that companies need to change? Here are a few aspects to take into account:
All companies hold some personal data on their customers. How much do they know about the personal data they store? What is it? Who can access it? Where is it stored? Why are they collecting it? Are they asking only for essential information? Once companies figure out the current state of affairs, they will have a better idea of the changes they need to make to data usage and access, and so ensure that they comply with GDPR.
Let’s assume that companies already know what data they have, where it sits and who has access to it. They have also revisited their rules to minimise risk. Next step: ensure they implement security measures that will not only keep hackers away but will also help them detect and respond faster to any breaches that may compromise customers’ personal data.
GDPR compliance is everyone’s business. All departments should have basic knowledge of their company’s data protection policies. They should know what they can do within their roles to keep data safe and also how to report a potential breach, such as accidental disclosure.
Cisco has its own plan for GDPR compliance. Our data protection plan ranges from the way we develop our products with data privacy in mind, to how we manage data and what we do in case a data breach happens. We have also obtained third-party certifications that can help our customers be confident about how we protect their data.
We also offer solutions and services that can help companies comply with GDPR. To find out more, visit our GDPR webpage.
October is the European Cyber Security Month. Learn more about this campaign at cybersecuritymonth.eu or follow #CyberSecMonth on Twitter.