General Data Protection Regulation
What is the GDPR, and when does it apply?
The digital economy has transformed the way personal data is circulated on a global scale. Protection against leaks and intrusions is now a priority at national and international levels.
To safeguard the rights of EU citizens, the new General Data Protection Regulation (GDPR, 2016/679) was adopted in April 2016, and comes into effect in May 2018.
Who is impacted by the GDPR, and how do the fines work?
Unlike its predecessor the Data Protection Directive (95/46/EC), the GDPR has an international reach. It impacts any organization worldwide that collects, processes – or even transfers – personal EU citizen data.
Financial penalties with the GDPR are unprecedented. Any organization failing to implement sufficient precautions for the protection of personal EU citizen data can incur fines reaching 20 million EUR or 4% of turnover worldwide, whichever is higher.
What are the main causes of a data leak?
Gartner and Forester statistics show that 70% of security-related incidents and 80% of risks originate with companies’ internal employees and that 65% of risks are never detected.
A high risk area is software testing. Test quality depends on using realistic test data. It is therefore common practice to extract production data into insecure test environments, exposing personal information to unauthorized personnel.
How can I protect my organization against data leaks?
“Data masking, which is focused on protecting data from insiders and outsiders, is a must-have technology in enterprises’ and governments’ security portfolios”
Pseudonymization or anonymization is highly recommended in the GDPR regulation. Data is irreversibly de-identified and de-sensitized so that personal information remains anonymous in the context of support, analytics, testing, or outsourcing.
Designed to meet the strictest requirements of the GDPR, DOT-Anonymizer is a high performance, multi-platform and multi-database solution with a variety of configuration options to anonymize test data while preserving their usability.