By: Dennis Driscoll (dennis@anchorcomputer.com) |
Connect on LinkedIn |  |
Protecting Data in the Wake of the GDPR & EPD
The General Data Protection Regulation (GDPR) recently went into effect throughout the European Union. The regulation focuses on defining and protecting personal data in all forms. The GDPR is binary, a customer deletion request must be honored and there is no room for negotiation.
It’s only a matter of time before American firms without EU ties are required to adhere to a similar set of US based regulations. In fact a referendum is on the table in California this fall to require similar policies for state resident’s personal data.
The volume and velocity of data generated in a company’s digital ecosystem can be immense, and the onus upon protecting that data becomes paramount.[1] The risk of non-compliance to any upcoming personal data regulations, or the public relations disaster of a data breach must be mitigated. Companies must constantly revamp their data security & disaster recovery policies to be fluid living documents.
Many companies utilize an Enterprise Tag Management System to secure data and manage privacy concerns.
- Tags are used to collect and distribute digital customer data, and control when and where it’s accessed and utilized.
- Tags are used to monitor data and enforce compliance throughout the enterprise.
- Tags with real-time enforcement of rules allow customers to opt-out immediately.
- Tags are used to insure the security of the data along with a comprehensive corporate security policy.
A comprehensive Data Security & Disaster Recovery policy is essential for compliance to any upcoming US data regulations.
Anchor Computer’s Security Policy is frequently updated, and includes protocols to protect against data breaches and secure client’s data. 24 hour video surveillance, biometric scanning on entrances, and a name badge policy contributes to a secure physical facility. A high level firewall to prevent data breaches. A policy against mobile phone tethering to USB ports limits network exposure to viruses.
A portion of our Disaster Recovery plans includes a site with redundant electrical and communications. 24 hour security monitoring, backups of all databases, newly acquired data, and current project data files for immediate use if necessary.
Data handlers and data processors have to stay proactive and improve their security policies constantly. Any high level mishandling of customer data in the current climate could accelerate the adoption of strict US regulations on personal data in all forms.
As data regulations evolve, so must the Security measures used to protect it. A scalable flexible system that covers your data from entry to exit is essential to any enterprise.
[1] Josh Manion “Data Security And Privacy”