The big rulings are still missing from the European General Data Protection Regulation. There were many reports, but only 75 fines were imposed across Europe. The frequently threatened highest penalty of 4 percent of global annual turnover was never applied. Does this mean that most companies did their homework and were able to minimise or completely avoid data breaches? Not at all. Many requirements are still not being implemented by numerous companies in various member states – and when they do implement these, it’s often a half-hearted effort. According to the regulation, however, personal data needs to be protected and managed better than before. Companies therefore still have a lot of work ahead of them to avoid coming into conflict with European law. Companies should primarily focus on implementing the following recommendations:
- Technical and organisational measures must be implemented under consideration of the data protection and IT security risks. This is the only way to credibly verify that personal data is being processed in compliance with the GDPR.
- Systems with personal data must be protected accordingly with regard to data protection and the current state of technologies.
- Declarations of consent must be collected and managed centrally and upstream.
- Companies that process personal data must protect these against unauthorised access.
Suitable investments in strong IT security solutions which support compliance with the European regulation are urgently required. Verifying and authorising identities centrally is thus the best way forward, even if these are managed in a decentralised manner. Guidelines can thus be enforced centrally and records can be managed more easily for audits. This also applies to access to personal data and access to web services which are protected via a central platform with strong upstream authentication. All access guidelines can thus be managed and enforced centrally and protected in line with the GDPR.
Learn more about IT security solutions from Airlock.
Airlock Secure Access Hub
By Thomas Kohl, Senior Business Development Germany at Airlock, a security innovation from Ergon Informatik AG