GDPR – The General Data Protection Regulation came into force in May 2018 in the European Union (EU). GDPR aims to improve the protection of personal data and increase the accountability of the organization for data breaches. GDPR regulation defines a set of rules to enable EU citizens to have more control over their personal data.
Adopting GDPR’s terms means that organizations must ensure the legal means of collecting personal data under stringent conditions. In addition, the gathered personal data must be managed in such a way as to protect from misuse and ensure the rights of personal data owners.
At the end of 2018, the State Data Protection Inspectorate of Lithuania released guidelines to ensure compliance with GDPR requirements which are based on recommendations of the European Union agency for network and information security – ENISA (2018; 2017) and Infosec management standards ISO27k (2016).
We undertook a study to support SME’s on how to adopt these guidelines in practice and prepared a technology -complimented checklist to facilitate the implementation of these recommendations.
When it comes to the practice, the implementation of appropriate technologies needed to comply with GDPR can be daunting. As finding appropriate and suitable technologies consume lots of time devoted to research, consultation and evaluation. Our technology solutions checklist for GDPR compliance helps to save time. The guide answers what every organization dealing with personal data face – how to meet technical GDPR requirements and which technological solutions to use.
It provides a complete GDPR compliance checklist for organizations which we’ve improved by adding our represented technological security solutions.