As data privacy legislation matures, and regulators exercise the full extent of their powers, it is vital that organisations know what data they have, where it is and how it’s protected in order to confidently demonstrate compliance. Cloud Business’s Data Privacy & Compliance Service minimises risk and enables greater business agility in the digital workplace.
GDPR, remote working and the challenges of compliance
Do you know where all your organisation’s PII is? Could remote workers have exported data onto a personal laptop to review or manage it? Or might a disgruntled ex-employee demand a DSAR knowing that this will result in a costly and protracted process to identify their PII?
Many organisations are unable to demonstrate with confidence where their PII resides. As a result they are vulnerable to fines from the ICO for non-compliance, and significant costs when processing DSARs.
That’s why Cloud Business and our technology partner eSpyder have developed a Data Privacy & Compliance Service to support DPOs, reduce the burden on your IT team, and ensure company compliance with GDPR regulations and global data privacy legislation.
Our service includes:
- Date discovery & review
- GDPR compliance assessment & implementation
- Automated monthly data discovery & reporting
Take advantage of a 60 day POC trial of our Data Privacy & Compliance Managed Service.
Complete the form to register your interest.
eSpyder is a system, platform and device agnostic solution that integrates into existing IT environments with no need for additional server infrastructure. It will scan PCs, laptops, data servers (cloud and on premise) regardless of location and get visibility to what data resides in each system or datastore.
- Designed to support Data Protection Officers
- Supports mobility and remote working strategies
- Provides ongoing visibility on where data resides and who can access it
- Reduces risk and enables cost effective compliance
- Platform and device agnostic, integrates with the Microsoft stack
GDPR and Covid-19
Remote working has inevitably created some challenges for CIOs, DPOs and IT professionals in respect to GDPR.
The Information Commissioner’s Office (ICO) is taking a pragmatic approach to GDPR and the Data Protection Act during lockdown. In a statement it said:
“We understand that resources, whether they are finances or people, might be diverted away from usual compliance or information governance work. We won’t penalise organisations that we know need to prioritise other areas or adapt their usual approach during this extraordinary period. We can’t extend statutory timescales but will tell people through our own communications channels that they may experience understandable delays when making information rights requests during the pandemic.”
However, as we adjust to the ‘new normal’ we can expect the ICO to be less lenient as they in turn expect organisations to get a grip on information governance and their response to DSARs; regardless of remote working constraints. Furthermore, as many companies explore whether to take a remote-first approach to the workplace post-lockdown, GDPR compliance and data privacy have to be addressed.
No one knows whether we will be able to return to business as usual this year or next, or what the future holds if there are Covid-19 spikes or seasonal trends in the virus. Therefore, the onus is on organisations to adapt and protect PII and their business irrespective of the current challenging conditions. The pandemic is not an excuse for non-compliance, however effective data privacy compliance can be an opportunity.
One lesson shrewd organisations have learned during the global Covid-19 lockdown is that business agility will be key to survival and gaining a competitive edge. What has also become clear is that digital transformation and data privacy are at the heart of achieving that business agility and adapting to evolving business conditions.
To learn more about the GDPR 2 years on, watch our on demand webinar. Gary Duke from Cloud Business and Tim Dunn and Thomas Zell of eSpyder discuss GDPR 2 years on, the impact of remote working, the GDPR ‘journey’ and the how compliance can significantly reduce costs and increase your business agility.
Watch on demand.
Compete the form to sign up.