General Data Protection Regulation

GDPR aims to standardise data privacy laws across the European Union (EU). The Act establishes a single, harmonised EU regulation and seeks to regulate how an organisation must handle personally identifiable information about its clients and workers who are located in the EU.

No matter where the data is collected, stored, or processed, it is protected for all EU subjects.

Fundamentals of GDPR

Data Protection Officers-

Ensure compliance meet GDPR requirements

Highly Accountable Data Controller-

The GDPR rule imposes additional responsibilities on data controllers to assure compliance.

Design Privacy-

Implement significant security measures

Reporting of Breach-

Within 72 hours of detection of vulnerabilities report to EU authorities about the breach.

Consent of User-

Important attention on end user consent may compel companies to change contracts to follow new consent regulations.

Personal Identifiable Information

Personal Identifiable Information (PII) is any data that identifies an individual. It can be any information used to de-anonymize anonymous data.

Personal Identifiable Information Examples

Name

Physical Attributes

Medical Information

Identification Number

Location Data

Email Address

Person’s economic, cultural or social identity

Where can it be discovered?

Emails

Documents

Databases

Metadata

Lof files

Backups

Services we provide under GDPR

1. Services of Assessment and Discovery

GDPR Compliance & PIPA

Identify current policies, processes, and accountability mechanisms for processing personal data in your organisation that is used and upgraded for GDPR compliance.
Provide a recommendation and compliance strategy.

Discovery of PII Data (Process & Technologies)

Discover PII across your company and policies controlling its use and management.

Assessing PII Data Protection

To assist Understand your company's personal data eco-system.
Track the essential KPIs that demonstrate your GDPR compliance.

2. Service of Remediation

Design and Re-Alignment of Policies/Procedures

Identify policy aim, develop, review, & enforce policy framework.

Data Security Controls

GDPR Gap Assessment & PII Data Discovery.
DLP, Pseudonomy, Data Classification (Encryption & Data Masking).
Identity & Data Access.
Governance, Identities with Privileges, and Access Management

Implementing BDC (SOC)

Manage incidents (SIEM).

Services offered by DPO

Review policies and procedures.
Audit/Evaluation.
Management of Breaches.
Management of Data Rights.
Management of Data Security.
Training and Awareness Program.

Managing GDPR Program

Manage end to end GDPR compliance programme, from the discovery stage through the maintenance phase..