Managing the Challenges of the Cloud Under the New EU General Data Protection Regulation

November 18, 2015

European Union data protection law requires organisations to take adequate measures to ensure the security of personal data. This obligation must be met regardless of the means used to process the personal data. The security obligation covers not only enterprise information systems, but also cloud services used to process the personal data. Data breach notification obligations, steep fines of up to 5% of the company’s annual turnover and increased public scrutiny of how organisations use and protect personal data require that organisations pay close attention to the security of personal data.

One of the central principles of the European Union’s new General Data Protection Regulation (GDPR or regulation) is its Accountability Principle: organisations must demonstrate that they comply with the GDPR and that they have taken appropriate measures to ensure compliance. Add the new ‘right to be forgotten’ and the new privacy principles of Data Protection by Design and Data Protection by Default and one can conclude that managing compliance with the GDPR is going to be a challenge.
