VMware: GDPR and Addressing Data Security Gaps with VMware
What an exciting opening keynote here at VMworld® in Barcelona! You’ve just heard Pat Gelsinger talk about the EU General Data Protection Regulation (GDPR). The GDPR legally mandates that organizations protect personal data and extends its reach beyond those established in the EU to others beyond its borders. The regulation also requires that companies respect an individual’s legal right to privacy and that organizations must be accountable for the personal data they process. It sounds simple, but in getting “GDPR ready,” businesses are currently reviewing the way they handle and treat personal data, instituting and enforcing adequate business governance, policies and processes to protect that data. The fines for non-compliance could be substantial. More important, this activity makes great business sense.
As Pat said, no technology company can ensure you are fully “GDPR compliant.” That’s like saying you’re “traffic compliant” when you follow traffic laws – or “out of traffic compliance” when you run a stoplight. Simply buying a Mercedes and claiming the car itself is safe will do no good if you’re stopped by the police. Aligning to the regulation requires an intimate and ongoing understanding of privacy laws, business policy, and how to act correctly in the event a problem arises with someone’s data. Technology alone cannot solve the lack of a privacy and data protection governance program.
That’s not to say that information technology doesn’t have a part in GDPR preparation and management. Technology can be leveraged as a tool aiding certain compliance functions or data protection tasks. As your organization evaluates the ways that personal data flows through the different functional groups and systems – such as email marketing, human resources or customer data – IT can determine how the data is secured. To begin, IT can align with how the organization is mapping its data. Privacy consultants may advise clients to create a current data map for personal data controlled by the business or processed on behalf of others. Answering questions like:
Read the entire article here, GDPR and Addressing Data Security Gaps with VMware
via the fine folks at VMware!