Key Technologies and Best Practices for GDPR Success
An IDC infographic sponsored by Commvault, April 2017
General Data Protection Regulation (GDPR):
Who Must Comply?
It’s GLOBAL in reach! ALL organizations processing information about European data subjects must comply.
Fines for non-compliance of up to 4% of annual revenue or €20 million, whichever is greater
Start date: May 25, 2018
Key Requirements of GDPR
Right to be forgotten (RTBF, Article 17)
Data protection by design and default (Article 25)
State of the art (SOTA, Articles 25 & 32)
72-hour data breach notification (Articles 33 & 34)
Data minimization principle (Article 5)
Which GDPR Requirements Are Most Challenging?
Top 5 Most Challenging GDPR Requirements
55% Data encryption/pseudonymization
53% Data breach notification within 72 hours
50% Data protection by design and default
48% Data portability
47% Defining “state of the art”
Source: IDC’s 2017 GDPR survey, N=560
Which GDPR Compliance Actions Are Most Challenging?
Top 5 Most Challenging Compliance Actions
59% Understand areas affected and requirements
54% Data classification
53% Data loss prevention
51% Employee education
50% Anonymize privacy data
Source: IDC’s 2017 GDPR survey, N=560
Best Practices for GDPR Compliance
Set up a cross-functional data governance team
Launch a data mapping and analytics project
Use a single platform for data governance and policy management
Define state-of-the-art IT technologies necessary for GDPR compliance
Develop an incident response process and TEST IT!
Get Started Now!
The compliance countdown has started:
40% of organizations are only just getting started
17% have no plans
GDPR compliance is a business opportunity
27% of organizations see GDPR compliance as a chance to improve the efficiency of or overhaul information governance
13% see it as a competitive advantage due to improved reputation, better customer experience, and reduced information-related risks
To learn more about GDPR requirements and success factors, download the IDC Executive Brief, “5 Essential Steps for GDPR Compliance,” sponsored by