What is GDPR, main features & what makes our solutions compliant
In May 2018, one of the biggest changes in the regulation of data protection and privacy will take effect: the General Data Protection Regulation (GDPR). The European Parliament, the Council of the European Union and the European Commission proposed legislation (Regulation (EU) 2016/6790) in order to strengthen and unify data protection for all individuals within the EU. On May 25th, 2018, this legislation will become law. Its intent is to ensure that organisations include privacy in their security strategies and to make them more accountable to their customers.
Synel can help you tick all the GDPR data-related boxes, introducing…
- Ability to store documents including agreements and consent details
- Complete management of the “Right to be forgotten”, including backups
- GDPR compliant reporting
- Ability to extract all data for a SAR request
- Highly secure and pen-tested cloud solution
Key Features of GDPR Compliance
- Individual’s Consent : With a view to protecting individuals and making them more aware of what companies are doing with their personal data, the GDPR law strengthens consent. On top of multiple obligations as well as exceptions, it is now up to the companies that deal with data to demonstrate that they have collected the consent of each individual prior to any use.
- Designed Privacy : Privacy considerations must be built in everywhere. Treat data privacy as a real responsibility in order to design your process correctly from the beginning. Furthermore, only data strictly required for the stipulated purpose can be used.
- Data Portability : Individuals will have the right to move, copy or transfer personal data, even to a competitor. This measure aims to put power back into people’s hands concerning the treatment of their personal data and to promote healthy competition.
- Fines & Penalties : The UK Government and the Information Commissioner's Office (ICO) can impose fines and penalties on companies that infringe the GDPR law. According to recent research, cyber-attacks and data breaches can cost businesses from $14.00 to $2.35 million per incident.
- Use of a Data Protection Officer : The Data Protection Officer can be an employee or a service contact, and can inform and advise on the implementation of a general data governance policy. The officer will be able to secure and protect personal information owned by the company.
- Accountability : Accountability is defined by the ICO as “the obligation for companies to implement internal mechanisms and procedures to demonstrate compliance with data protection rules”. This includes training of employees, security reports and tests.
- Certification and Security : Data security is always at the centre of data breach cases and cyber-attacks. GDPR imposes a global security obligation on companies but also on their consultants. This is why certifications and labels will be a major advantage and a mark of trust for companies. The designed privacy of a service may, for example, be the subject of a certificate.
- Data Transfer : Basically, this law covers EU businesses, plus those who process data for them, even outside the EU. Every data transfer out of the EU is normally forbidden. However, exceptions exist for certain kinds of transfers. Special contracts with non-EU countries can be verified by EU authorities so as to allow those transfers.
- Data Breach Reporting : In case of a sudden data breach, data controllers must inform local supervisory authorities, such as the ICO in the UK, within 72 hours of becoming aware. In serious breaches, individuals must be informed too.
Synel compliance of solutions & services
When you are working with Synel, you can be sure that all versions of Synel products and services released in 2018 and later are GDPR compliant. With Synel Software Solutions you can be confident that you meet all the latest GDPR regulations.