The General Data Protection Regulation (GDPR) will come into force on May 25th 2018 and will involve all organizations that process European residents’ personal data. In case of failure of compliance with such a regulation, businesses could face fines of up to €20 million or 4% of global revenues.
So as to handle and minimize such risk, Cluster Reply has identified in partnership with Microsoft a best practice able to guarantee a principled approach to the management of the privacy and security of personal data. This best practice goes under the name of “GDPR Readiness”.
The General Data Protection Regulation (GDPR) is a privacy-relative regulation that is born as an evolution of the Data Protection Directive (DPD).
The DPD dates back to 1995 and requires EU member states to develop laws able to meet rigorous minimum standards taking into account the use of computers and electronic devices for the processing of personal data. Over time, however, this directive has led to several disadvantages and inconsistencies, like the impossibility of protecting inviduals’ rights and privacy from the steady march of technological progress. Hence, and in order to overcome such disadvantages, the GDPR has come to existence.
From the perspective of businesses and organizations, the GDPR represents a real revolution, since it entails the review and redefinition of all existing organizational policies and procedures as well as the implementation of new and adequate security controls. This because many new mandatory requirements have been introduced, like:
The GDPR, then, represents something that every organization must take into account and face in a structured and well-defined manner. Only in this way it can be able to come out as a winner.
“GDPR Readiness” is the security practice that Cluster Reply and Microsoft have crafted to support organizations in their quest for compliance. Based on Microsoft best of breed technology and on Cluster Reply expertise in its operation and configuration, it allows companies to successfully face and overcome the GDPR challenge.
The principle at the basis of this practice simply consists in subdividing the entire process of compliance in four key phases:
Discover, manage, protect and report on personal data represent four mandatory activities to be able to adequately respond to the requirements imposed by the GDPR. The “GDPR Readiness” practice addresses this issue and enables organizations to streamline their process of compliance and be prepared to safeguard the rights of their customers and partners.
As described above, the “GDPR Readiness” security practice is a structured approach to the problem of achieving compliance with the GDPR. As such, it enables companies to be organized and prepared in the face of such a fundamental activity.
Organization and preparation, however, are not the only available features. On top of that, in fact, there are two essential elements: Microsoft technology and Cluster Reply know-how.
Being a leading IT company, Microsoft has developed over time an extensive expertise in protecting data, championing privacy, and complying with complex regulations. Its products are designed with industry-leading security measures and privacy policies to safeguard customers’ data, and its services have been defined to help meet the GDPR requirements.
On its side, and as a Microsoft Gold Certified Partner, Cluster Reply stands out in adopting and operating these products and services, and through its more than ten-year expertise excels at helping customers in achieving their business objectives taking advantage of Microsoft technology.
This two-fold advantage will be the real driver able to lead customers to success and will eventually help them to overcome the fear of the GDPR.
Achieve compliance with the General Data Protection Regulation requires the implementation of a large set of different activities, which, on its part, entails the need for a careful planning and demands an in-depth expertise.
Through the definition of a well-structured framework and the knowledge of Microsoft cutting edge technology, Cluster Reply “GDPR Readiness” security practice aims at supporting organizations in facing this challenge and coming out as a winner.
The final purpose underlying the definition of this security practice is to definetely help customers meet their policy, people, process and technology goals, and facilitate them to start their journey to GDPR.