GDPR

Sensitive data should be encrypted both in transit and at rest

Framework Snapshot

The General Data Protection Regulation (GDPR) is a legal framework that sets strong guidelines for the collection and processing of personally identifiable information (PII) of European Union (EU) citizens. Even if an organization doesn’t have an EU business presence, it is still bound by GDPR if it stores or processes PII from EU citizens, no matter where they reside.

Not surprisingly, GDPR fines are designed to make non-compliance a costly mistake for any business, large or small.

GDPR Automation: Compliance for Less

The SureShield platform simplifies GDPR compliance by automating technical controls and guiding you through operational controls. SureShield’s automation will reduce your overall GDPR compliance cost by up to 90% when compared to traditional, labor-intensive compliance methods. For organizations requiring compliance with multiple frameworks, crosswalk automation drives cost savings up toward 90%.

    Key Data Protected by GDPR

    Identity

    Basic identity information such as name, address, and ID numbers.

    Health

    Health, genetic, and biometric data.

    Sensitive Data

    Racial, ethnic, sexual orientation and political data.

    Data Privacy

    Web data such as location, IP address, cookie data, and RFID tags.

    GDPR clarifies what organizations and third-party companies must do to safeguard consumer data. The risk of regulatory fines and lawsuits after a data breach is high, but so is reputational risk.

    Recital 83 and Article 32 of the GDPR explicitly mention ‘encryption’ when discussing technical and organizational security measures. Sensitive data should be encrypted both in transit and at rest. Proper encryption is critical because if a breach occurs, encrypted data is illegible, and therefore useless. The 72-hour reporting window for data breaches underscores the importance of well-structured communication channels.

    1. Activate GDPR framework
    2. Install scanner for compliance evidence gathering
    3. Review baseline evidence to score compliance control status
    4. Close compliance gaps
    5. Ongoing compliance and gap surveillance
    6. Enforced maintenance of compliance readiness

    Free COMPLiANCE Assessment

    Do you need help assessing your compliance readiness? Learn how our automated crosswalk technology will dramatically reduce your labor requirements. Schedule your free consulting session, up to 1 hour.