Visa Europe revealed important stats about the usage of Contactless Cards. Poland, Spain and the UK use this payment method the most, with UK usage growing by 300% year over year.
The GDPR places data security at the heart of every organisation controlling data in Europe and/or the data of European citizens. Its emphasis on privacy by design means that all data processes within an organisation have to be compliant. Data security is no longer only a concern for the IT team.
While IT departments will still be the port of call for storing data securely and providing secure networks, IT will need to understand how marketing, sales, finance and HR process data in order to keep it secure.
To guide other departments towards privacy by design, IT needs to be able to ask the right questions of the right stakeholders in an effort to obtain and maintain compliance.
Our compliance experts have created a GDPR Mapping Questionnaire based on how we already approach PCI DSS compliance with our customers. With this questionnaire you have a solid starting point to guide these internal conversations.
Once you have mapped the answers to these questions, you’ll want to start thinking about how to become compliant. The most straightforward way of doing this will be to actually tackle one of the GDPR’s requirements:
By creating a Data Process Inventory you’re not only fulfilling the requirement to document your processes, but, perhaps even more importantly, you are creating an overview of all your processes that involve personal data. This allows you to assess, for example, whether your processes meet the Article 5 processing principles.
A data processing inventory should list each activity and outline at least:
Find the complete Article 30 here.
As IT might not be aware of some ‘hidden’ processes (e.g. downloading and storing of spreadsheets locally or marketing monitoring tools), every department should be actively involved in the creation of a process inventory.
If you’d like assistance in setting up or managing a Data Process Inventory, get in touch with us and we can guide your organisation through the actions necessary.
I am the Founder of Advantio.
Technology has been my passion since I was a kid; when I first heard the handshake of an old 300bps modem I realised security would be key in an interconnected world. Since then it has become my passion and primary focus.
The reason why I've started my own business is to make IT Security simple.
Certifications: CISSP / CCSA (Checkpoint) / ITIL Foundations / ACSA (ArcSight) / Linux+ / PCI-QSA / PA-QSA