I recently had the opportunity to author an article for CMSWire about how the European Union (EU) General Data Protection Regulation (GDPR) will have effects that reach beyond just the EU.
In addition to EU-based organizations, companies with a significant European presence will also be subject to the new requirements (e.g., greater fines for data breaches, privacy impact assessments)
Although organizations may have about two years to come into compliance, it’s time to rethink privacy and security strategy now– especially as it relates to IT.
The new GDPR IT requirements will likely mean a significant shift in organizational processes, so it’s important to consider how the new law will affect your IT and business practices. Some considerations:
Are your standardized processes automated?
Are you conducting privacy impact assessments to analyze risk?
Are you taking a risk-based approach to data protection?
Do your policies demonstrate accountability?
Answering these questions will help guide you to proactively ensure compliance with the EU GDPR.
To read more about the global implications of the EU GDPR, please visit CMSWire.
To learn how AvePoint can help your organization with compliance management, please visit our website.
Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities.
Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School.
LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en
Twitter: http://www.twitter.com/danalouise