Security and Compliance Documents

Code42 + GDPR Tech Overview

Issue link: https://www.code42.com/resources/i/1425620

Our Insider Risk Management solution, Incydr, supports customer compliance with GDPR requirements, giving organizations the critical data risk detection and response capabilities as well as data preservation capabilities needed for handling personal information. Incydr provides a powerful data protection foundation that contributes to a long-term GDPR compliance strategy and prepares organizations to meet evolving regulations and complex compliance requirements.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data privacy law in the European Union (EU). The aim of GDPR is to give individuals in the EU more control over their personal data, to create uniform data protection rules across the EU member states, and to reshape the way organizations approach data privacy. GDPR requires that businesses be able to prove their compliance. The possible fines for noncompliance are significant—up to €20m or 4 percent of global annual sales, whichever is greater.

Who is subject to GDPR?

GDPR applies to organizations that conduct business in the EU, as well as any organization that:

- Offers products and/or services to EU residents;
- Monitors the behavior of EU residents; or
- Handles the personal data of an EU resident

Personal data under GDPR includes any information that can directly or indirectly identify an individual. This includes names, email addresses, web identifiers, and even IP addresses and/or device identifiers.

What are some of the key requirements?

GDPR expands rights for residents of the EU, including the right to:

- Be informed about the processing of their personal data: what is collected, how and why it's being used
- Access their personal data and correct any inaccuracies
- Have their data transferred from one organization to another (data portability)
- Request (in some circumstances) that the processing of their personal data be restricted or their data be deleted entirely.
Additional obligations for organizations

GDPR sets forth baseline data protection requirements for organizations that handle the personal data of EU residents to better safeguard the processing and movement of that data. These include:

- Implementing technical and organizational measures to ensure personal data is protected
- Maintaining documentation to prove compliance with GDPR
- Providing timely data breach notifications to the EU supervisory authority and, in some cases, to affected individuals or customers
- Transferring personal data outside the EU only if the organization receiving the data has adequate safeguards to provide the level of protection afforded to individuals under GDPR
- Requiring certain organizations to appoint a data protection officer to oversee GDPR compliance

How does Incydr enable our customers to comply with GDPR?

Incydr enables customers to comply with GDPR. Incydr allows you to see how your employees move data across vectors — including web browser uploads,
