The GDPR Conundrum
The date for the European Union’s new data privacy regulations, GDPR (General Data Protection Regulation) is fast approaching. From 25th MAY 2018 GDPR will become enforceable. All personal data must be discoverable by the company upon request and any judged lack of compliance with these regulations is liable to incur hefty penalties.
Fines will be imposed depending on the severity of the breach. For minor breaches the fines will be up to 2% of annual worldwide turnover in the previous financial year or €10 million, whichever is the greater. For the more serious breaches, fines will be 4% of the turnover or €20 million.
Your organisation will have to answer the following questions regarding stored personal information:
- What personal data you have?
- Where is the personal data stored?
- Why are you storing this personal data?
- How long do you need to retain this data?
- Who has access to this personal data?
GDPR also requires that:
- Personal data must not be kept for longer than necessary
- Must be kept secure, but available for access
- Must be backed up and protected from data loss
Subjects are entitled to ask an organisation:
- What data is held about them
- Request to see it, update it and delete it
- Request restriction on processing personal data
- Ask to have the data in a format that can be ported
So, how can Adept-tec help?
Discover all your data
Our data discovery tool, Data Insight, integrates with archiving and security solutions to prevent data loss and ensure policy-based retention. The discovery tool will gather meta data about your environment and store the information in a database; it also listens to events such as read, write or security events for configured devices. It collects and analyses the meta data on a periodic basis and allows you to take remediation action.
For further information on the features of Data Insight please follow the link provided below.
Migrate using our migrations tools
Once we get an insight into the type and location of discovered data it may be necessary to migrate into either Enterprise Vault, the exchange mailboxes or Office 365. Advantages of migration include reducing the cost of storage by removing duplicate files or content, automatically deleting files once they have been successfully migrated and cleaning up orphaned data.
Search and Classify your archived data
For those organisations that already have Enterprise Vault or that are considering using Enterprise Vault as an archiving tool for Mail and File Systems, the new Veritas Classification Engine introduced in version 12.2 is specifically designed to help organisations comply with GDPR.
Enterprise Vault Classification allows organisations to use pre-configured country specific Personal Information (PII) policies to discover personal information or create customised policies. Search on multiple or specific languages and assign a tag to the email or file to make them easily identifiable when running legal discovery. Enterprise Vault Classification automates assigning retention categories to this classified data and allow organization to delete data with confidence.
For further information on the features of Enterprise Vault Classification please follow the link provided below.
Adept-tec will work with you to ensure that you will be GDPR compliant.
Contact us to arrange a discussion about your data compliance needs.