Following the implementation of the new General Data Protect Regulation on 25 May 2018, organizations should now be fully compliant with their national interpretation of this far-reaching data protection standard. The reality is that most are not; whether through their inappropriate use of online cookies or ineffective physical data security, businesses continue to struggle with the increasing pressure from regulators to apply the Regulation. Non-compliance is widely due to misinterpretation, lack of real-world thinking, and challenges in balancing costs against business practicalities.
This book provides insight into how to achieve effective compliance in a realistic, no-nonsense and efficient way. The authors have over 100 years’ collective international experience in security, compliance and business disciplines and know what it takes to keep companies secure and in-line with regulators’ demands. Whether your organization needs to swiftly adopt GDPR standards or apply them in “Business as Usual” this book provides a wide range of recommendations and explicit examples.
With the likelihood of high-profile penalties causing major reputational damage, this book explains how to reduce risk, run a remedial project, and take immediate steps towards mitigating gaps. Written in plain English, it provides an invaluable international reference for effective GDPR adoption.
"The GDPR was introduced in May 2018 and has had an impact on all organisations that store or process the personal data of any EU Citizen. Understanding the ethical implications of the legislation and knowing what you need to do and also what you don't will be important to your company." - Dr Blay Whitby is a philosopher and technology ethicist specialising in computer science, artificial intelligence and robotics. He is based at the University of Sussex, England. He is also an ethics expert for the EU and a member of the UK All Party Parliamentary Advisory Group on AI.
"The GDPR was introduced in May 2018 and will impact any organisation that processes the personal data of any EU Citizen. Understanding what you need to do and also what you don't will be important to your company." - Matthew Bellringeris a former Head of Platform Development, in the IT Services department of the University of Sussex, and Founder of Meaningbit.com.
"Written to help those who manage data, GDPR: How to Achieve and Maintain Compliance provides clear and concise information in an easy-to-read format. Why should a non-European business care about EU privacy data? The answers are found throughout this book, which includes numerous references to articles and recitals in each chapter." - Mark A. Terry, CPP, PCI, PSP, CISSP
About the Authors, Acknowledgements, Introduction, Section 1 – Does the GDPR apply to you? Section 2 – GDPR Principles, Section 3 – Key Roles, Section 4 – Rights of the Data Subject, Section 5 – Your GDPR Project, Section 6 – Information Security Best Practice, Section 7 – Awareness, Section 8 – Data Handling and Management, Section 9 – Data Breaches, Section 10 – Your Technology Environment, Section 11 – Assessing Your Suppliers, Section 12 – Direct Marketing, Section 13 – Privacy Notice(s), Section 14 – The Regulation and Articles, Index