[email protected]    (800) 499-5834

GDPR

Are you compliant with the new General Data Protection Regulation (GDPR)?

Protecting consumers’ personal data has become even more critical for companies that do business within the European Union (EU) – including US-based companies.  Additionally, the passing of the California Consumer Privacy Act of 2018 shows that a new wave of privacy rights is arriving here in America, too.

New policies for how personal data can be used, how it needs to be handled, and how you must react if it gets compromised have changed the game when it comes to data management and security.

At Intersec, we’re guiding our international clients through the transition – from implementing the proper new procedures to maintaining compliance and acting accordingly when something goes wrong.

How Does It Work?

We believe in a full-service approach to GDPR compliance.  We start by helping you understand your data and how you process it, and we check for any current breaches.  Then, we take you through the remediation process of getting compliant and maintaining your compliance in the future.

Step 1: Data Discovery

Ready or not – where is your data?  You can’t properly handle data if you don’t know it’s there.  Most executives simply don’t know enough about the data they store or where they store it.  This makes it impossible to ensure that the information is being handled to GDPR standards.  We conduct structured and unstructured data discovery and then map the data flow, so you’ll be able to make educated decisions about your data and its GDPR liability.

Step 2: Compromise Assessment

There’s a difference between knowing your data is secure and hoping it is.  Custom malware and other sophisticated tactics can hide in your network, siphoning sensitive data without you ever realizing it.  Our Compromise Assessment uses advanced auditing technology and techniques to identify whether attackers are compromising the environment now or have done so in the past.  This is essential since the GDPR closely regulates how data breaches are handled.

Step 3: GDPR Gap Analysis

Discover the ways to best protect your customers’ data.  Just like with any new goal, you must first understand where you are to see how it differs from where you want to be.  A GDPR Gap Analysis tests the vulnerability of your access points, security of your network, and reliability of your protocols, and then compares your current state to the requirements set by the GDPR standards.

Step 4: Full-Service Remediation

Let’s do more than make a plan – let’s implement it.  Many companies take you as far as reporting on your breaches and/or gaps, but what good does that do if you (or they) don’t have the resources to fix the issues?  As a full-service cybersecurity firm, we take ownership of the GDPR challenges we’ve uncovered during the Compromise Assessment and Gap Analysis, and we help you implement the best solutions for your GDPR compliance gaps.

Step 5: Ongoing Monitoring

Mitigate your risk – maintain your GDPR compliance.  The continuous monitoring and ongoing discovery of both structured and unstructured data is an essential element of GDPR compliance.  At Intersec, our security experts have worked with partners and vendors to create the most effective, fully integrated solution on the market.  Experience the security of professional ongoing discovery and monitoring. 

Understanding the GDPR Mandate

As of May 15, 2018, compliance with GDPR is mandatory.  The European Commission’s regulations establish a single set of data protection rules, which are designed to give people more control over their personal data and provide a level playing field for companies doing business in the EU.

 

Who Does the GDPR Apply To?

The GDPR applies to any business that processes personal data (such as name, address, health records, banking information, or cultural preferences) and:

  • is based in the EU
  • is based outside the EU but offers goods/services to or monitors behaviors of individuals within the EU.

Processing data includes collecting, using, and deleting data, including (but not limited to) video surveillance, email marketing databases, shredding documents or hard drives, and posting photos of individuals to social media.  Certain conditions must be met to process personal data.

 

What Are the Fees & Penalties for Non-Compliance?

Non-compliance with the GDPR carries a substantial financial penalty.  Depending on the level of non-compliance, fees and penalties can include any combination of the following:

  • a reprimand
  • a temporary or definitive ban on processing
  • a fine of up to €20 million or 4% of the business’s total annual worldwide turnover

Fines imposed will take into account the nature, gravity, and duration of the infringement, its intentional or negligent character, any action taken to mitigate the damage suffered by individuals, and the degree of cooperation of the organization.

 

Mitigate Your Risk – Get GDPR Compliant

CONCERNED ABOUT COMPLIANCE?

If you’re facing challenging compliance regulations or you’re concerned about a data breach, contact us with the information below or fill out the form on this page.

A forensics or compliance expert will get back to you as soon as possible.

Email: [email protected]
Phone: 1-800-499-5834
Service Regions: North America | Caribbean | South America | Europe | Asia