We are approaching the last moments before the EU's General Data Protection Regulation (GDPR) will be applied on 25th of May 2018. The IT-sector has been talking about the regulation for a few years now, but surprisingly little has been said about the pressure it sets for companies and other organizations, and on the other hand about the impact it has.
Digitalization in the European Union has evolved to the point that lawmakers have had to wake up. It’s natural that the people behind the legislation take leaps of advance slightly behind all other development just because it is almost impossible to foresee what kind of products and services will be traded in the future or what kind of data protection individuals will need in 10 or 50 years in the future.
“It is our job to provide organizations with tools to meet the requirements of the regulation”
In the information security business this has been a rather interesting development journey. The regulation has made us here at Deltagon to think of our own products and their functionalities and if they meet the demands of the new General Data Protection Regulation. On the other hand, it has also opened new development paths for us and thus brought us competitive advance when marketing our information security solutions. It is our job to provide organizations with tools to meet the requirements of the regulation.
“GDPR settings and the built-in default storage times serve as guiding recommendations for our customers to meet the requirements of the regulation.”
Specifically, making default settings for retention of personal data is an example of such functionality. However, development must take into account many different interests. First, the need for companies and organizations to retain information for potential or future use; secondly, the protection of personal data of individuals; and thirdly, but not least, the limits and requirements set by laws and regulations.
“Our goal is to guide and tell our customers where the information moves, and who manages it, and deliver the tool to our customers as part of their company's privacy practices.”
Unfortunately the regulation does not give absolute requirements or even answers to many questions. For example, what is meant by the "adequate safeguards" mentioned in the regulation when it comes to protecting the rights of the data subject by means of technical and organizational measures. This and probably many other fined down interpretation-guides still have to be waited on, but rest assured that we at Deltagon will be following the development and interpretation guides with critical eyes.
The need to safeguard personal data in organizations electronic communications will only grow and the need for it is here to stay. To provide security, also the security products have to constantly evolve. These are the reasons why we are always open to have a discussion of GDPR or give guidance on how we would answer our customer organization’s potential data protection challenges.
Please do not hesitate to contact me if wish to discuss the subject further!
Phone: +358 9 6850 3236