Updated by J-P De Clerck on Apr 12, 2018

GDPR and security: a list of resources

Source: https://www.i-scoop.eu/gdpr/

Best practices, procedures, and encryption: New steps towards the 2018 GDPR objective

The road to compliance begins with a meticulous audit of current procedures affecting personal data.

Cyber Security and the new European General Data Protection Regulation “GDPR” - CREATe.org

Members of the European Parliament voted in favor of the EU’s first ever cyber security protection regulation on July 6, 2016. Under the new network and information security directive, crucial sectors, such as energy, transport and banking, must ensure they are able to resist a cyber-attack. In addition to boosting cyber security cooperation between EU countries, the new directive will require critical sectors and digital service providers, such as Amazon and Google, to report serious security breaches to national authorities within 72 hours of the incident or face penalties of up to 4% of total revenues.

Data security and breach reporting under the GDPR and NISD

The General Data Protection Regulation 2016 (GDPR) and the Network and Information Security Directive 2016 (NISD or Cybersecurity Directive) are both EU pieces of legislation. The GDPR will apply automatically in EU Member States from 25 May 2018, whereas NISD requires Member States to introduce implementing legislation by 9 May 2018.

EU GDPR – Security of personal data

Data security plays a prominent role in the new General Data Protection Regulation (GDPR). Compared to the current Data Protection Act (DPA), the GDPR imposes stricter obligations on organisations with regard to data security while simultaneously offering more guidance on appropriate security standards.

EU GDPR to have profound effect on privacy and security

The EU GDPR (General Data Protection Regulation) completely changes the way organizations handle their customers’ sensitive data.

Five Security Strategies for GDPR Compliance

When it comes to security expectations around protecting customer data, GDPR is very clear. What isn’t quite as clear is exactly how an organization should go about securing their data. The road to compliance might be different for every organization, but the end result should include methods for reducing the security vulnerabilities and new ways to track and report personal data access and processing.

GDPR - Security of personal data and what to do in the event of a data breach

As data security requirements also exist under the Data Protection Directive (Directive 95/46/EC), many companies have already adopted technical and organisational security measures to protect personal data. However, these security requirements will be extended under the GDPR.

General Data Protection Regulation: A Short Guide to Data Security in the GDPR

A Brief Overview of the GDPR and the Need for Higher Privacy and Security Standards

Operational impacts of the GDPR: data security and breach notification

Data security plays a prominent role in the new General Data Protection Regulation (GDPR), reflecting its symbiotic relationship with modern comprehensive privacy regimes. Compared to Directive 95/46/EC, the GDPR imposes stricter obligations on data processors and controllers with regard to data security while simultaneously offering more guidance on appropriate security standards. The GDPR also adopts for the first time specific breach notification guidelines.

Prepared for the GDPR? Top 10 Findings From Hurwitz & Associates Survey

Organizations must have a strong understanding of where their data resides and what data they possess to comply with the GDPR. They must be mindful of the right to be forgotten provision, for example, and the need to notify impacted parties within a reasonable window of time in the event of a breach.

Security Think Tank: Information security professionals have key role in GDPR compliance

What is the role of information security professionals in helping organisations to ensure they are compliant with the EU’s General Data Protection Regulation (GDPR) by 25 May 2018?