Clouds reflected in the Parliament building in Strasbourg - © European Union 2013 - European Parliament. CC

US Cloud platforms potentially incompatible with GDPR

Latest reports confirm that the use of Cloud platforms owned by US corporations may lead to non compliance with GDPR and could be detrimental in the long run for EU organisations.

It’s common knowledge that Cloud platforms come with benefits but also with known risks. Compliance with various regulations, being an ever changing landscape, is generally not seen as a major risk as it's built into the sometimes tedious but necessary tasks.

In some cases your organisation's compliance with directives, regulations and international agreements is dependent on third parties and you have to make sure those third parties follow the same rules.

"Suddenly" the European Regulation 16/679, better known as GDPR, has come into force. We all heard about it, many were ready for it well in advance, many are still working to make their organisation compliant but all, without exceptions, will be working to keep their organisations compliant over time.

GDPR isn't a box ticking exercise on some forms that can then be archived as "Job Done", compliance is a continuous process which must be part of any organisation's standard procedures involving current/future employees processing personal data and all the IT infrastructures, internal and third parties, that are processing data.

At the "Luxembourg Data Protection Days", of which Omnis Systems is a Gold Sponsor, we will present some of the platforms, many of which Open Source, that can help organisations taking back control of the data they are processing to allow them to be, not only more efficient and reduce their IT costs, but also capable of guaranteeing their customers they care about their Privacy.

The easiest and efficient way to achieve GDPR compliance.

PrivacyLab GDPR Compliance platform

The European Regulation 16/679, better known as GDPR, is seen by many as a new burden to organisations but it just unifies a set of pre-existing directive and regulations implemented with various degree of enforcement and Privacy protection by all the European countries. The main reason why GDPR is being taken so seriously now, and organisations are actually working to comply with it, is that it comes with fines that could make a serious dent in the bottom line of any organisation.

While the GDPR is a well written regulation, which states many of the data subjects rights and the duties of data controllers and processors, it's quite light on procedures and documents structure leaving it to organisations, lawyers and DPOs to create their own.

Removing the guesswork from GDPR

PrivacyLab is probably the most experienced organisation, in terms of Privacy compliance platforms and consulting, as they have been helping thousands of private and public sector organisations being compliant with the Italian Privacy Law, one of the strictest and more comparable to GDPR, since 2004.

Thanks to its extensive experience in how to plan and structure Privacy compliance your organisation and your Data Protection Officer (DPO) will find in PrivacyLab GDPR the perfect tool to simplify and streamline all the compliance processes.

Data and archival methods mapping

Data and archives mapping is one of the basic task you need to perform to evaluate the types of data held by your organisation and the related risks.

Each main office, location and type of archive (digital or paper based) is taken in consideration to create the Data Protection Impact Assesment (DPIA), the Privacy by Default risk analysis and all the related documents.

Standard legal notices

Once the data mapping and the personnel has been appointed to manage specific data sets it will be possible to generate all the notification needed by your organisation.

From standard data subjects notification to personnel appointment to perform specific data processing, together with procedures and responsibilities, it just take a click to generate the right document.

Full set of legal notices

PrivacyLab GDPR comes with a full set of standard legal notices and reports that will make it a lot easier to comply with data subjects notifications.

Each document and report is saved, on PrivacyLab's secure Cloud, with an unique Document ID, which proves to third parties your commitment to compliance and shows the regular updates to policies and Privacy by Design practices.

PrivacyLab certifications

PrivacyLab is the first platform to be certified as compliant with the EU Regulation 16/679 (GDPR).

To guarantee the quality of its software and the compliance with the highest quality and security standards, PrivacyLab is also certified ISO 9001:2008 and ISO 27001:2013.

Removing the guesswork from GDPR

PrivacyLab GDPR provides you with all the guidance and tools you need to make your organisation GDPR compliant.