OXIAL and GDS – a partnership to guarantee GDPR compliance

The clock is ticking when it comes to the European Union’s General Data Protection Regulation (GDPR) coming into effect. The past few years have seen much discussion and debate about what GDPR entails, how it will protect consumers and what it means for the organisations that store consumer data.  

We are approaching the time when organisations need to stop talking and start doing. Yet a recent survey (December 2017) of 400 European business leaders by the European Business Awards revealed that an astonishing 92% of organisations are not yet ready for GDPR. 

28 per cent of those surveyed were completely unaware of the regulation they will have to adhere to, while 26 per cent admitted their organisation will not be compliant by the May 2018 deadline. This lack of know-how as to how best to approach GDPR is entirely understandable, particularly for smaller and midsized firms that might lack the experience and resource required to get ready for GDPR. 

So for those firms that are struggling with GDPR, OXIAL has recently launched its new OXIAL GDPR EXPRESS solution. It’s a solution based on OXIAL’s years of experience in risk management, IT security and compliance, it can be live and operational in less than 90 days and it guarantees 100% GDPR compliance. 

Data security 

One of the most important elements of GDPR requirements – and indeed the entire reasoning behind the legislation – is keeping consumer data safe, secure and private. That’s why we are working again with our partner Global Data Sentinel (GDS) 

GDS is a New York-based leading cyber security solutions provider whose platform not only offers advanced security controls and features, but is built to be practical, user friendly and meet the growing needs from the convergence of risk and compliance. 

Earlier in 2017 OXIAL signed an agreement with GDS (and Mice360) to jointly develop the next-generation of GRC solutions for the public and private sector markets, and this partnership on the OXIAL GDPR EXPRESS is an exciting and innovative example of what can be achieved. Data security offered by GDS includes: 

Data Portability

  • one of the key requirements of GDPR, and intends for any data subject to have the right to receive the personal data concerning them, which they have previously provided in a commonly used and machine readable format and have the right to transmit that data to another controller. 
  • GDS enables data subjects to both edit their personal data or transfer their personal data from one organisation to another should a data subject part ways with an organisation. Additionally, with GDS’s tamper-proof audit trails, organisations can see if or when a data subject has updated or accessed their information. 

Privacy by Design 

  • this requires the inclusion of data protection from the onset of the designing of systems, rather than an addition. Additionally, controllers may hold and process only the data absolutely necessary for the completion of duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing. 
  • GDS resides seamlessly inside in an organisation’s existing network, securing data from the get-go, without requiring any additional infrastructure investments. Additionally, GDS is cross-domain; meaning it works at network and/or Cloud-level, including network/Cloud hybrid systems. Data is encrypted both at rest and in transit. 
  • GDS is also a zero-knowledge system. All data within network and/or Cloud is stored encrypted, including customer data, so that even sensitive IT personnel cannot see data. GDS is deployed as a client/server solution so that zero-knowledge extends to GDS as well, with the corporate and customer data encrypted client-side. 

100% GDPR compliance 

In combination with GDS’ industry-leading data protection, is OXIAL’s expertise and technology in automated and digital compliance. OXIAL GDPR EXPRESS comes with all the features required to address GDPR effectively and efficiently, from an initial step-by-step project plan to reporting mechanisms for the regulator and senior management. 

The GDPR EXPRESS solution encourages compliance to be treated as a continuous process, advised and supported by external experts who will allow an organisation to drive GDPR more efficiently and to reach the desired results from a compliance perspective.  

Approaching GDPR in this way means an organisation knows exactly how GDPR relates to their business and data, and is able to assess what they must change in order to be compliant and gauge where the priorities and responsibilities lay. 

Getting ready for GDPR is a significant challenge and one with profound consequences should any organisation fail to do so. That’s why we believe that the OXIAL GDPR EXPRESS – supported by GDS’s security layer – is the perfect solution for any midsized firm struggling to get to grips with GDPR. 

More detail on OXIAL GDPR EXPRESS solution can be found here. Will you be ready on time?