The GDPR framework requires companies to meet a set of well-defined risk-based wisdoms

The perfect cyber security storm, how prepared are businesses across Europe
January 14, 2019
The Role and Responsibility Of the Board and Senior Management in Cybersecurity and Data Protection
January 15, 2019

The major cyber breaches at Equifax, Marriot, Adult friend finder and other companies make sense to impose rather rigid cybersecurity obligations on individual companies. The current GDPR compliance obligations are global, reasonable and clear. The framework of GDPR requires companies to meet a defined set of risk-based requirements, that is developed through a collaborative, multi-stakeholder (HR, Legal, IT, Procurement, Sales) process, and cannot be a safe harbor from liability. Companies must prevent and contain a data breach and secure that confidential or sensitive personal information is not leaked or disclosed illegally and ensure that preventative steps are taken to stop it from happening again.  GDPR recognises that the data subject is the victims, and the processor or controller’s responsible for deliberate or unintentional action that cause the loss of access to personal data as a result of malicious cyber activity.

Attend one of our seminars to get a set of 30+ templates, policies, procedures and a GDPR Roadmap and Framework.