After several years of preparation and discussion, we are approaching the day when the European Union’s General Data Protection Regulation (GDPR) will come into effect – 25 May 2018.
It’s a major change to how data is stored and managed in the digital age, and failure to comply will results in fines of up to €20,000,000 or 4% of an organisation’s annual global turnover, whichever is greater.
GDPR has thrown up a number of challenges for many organisations and has placed a particularly onerous burden on smaller and midsized businesses, who generally lack the resources and know-how as to best manage compliance requirements. That’s why we are launching OXIAL GDPR EXPRESS, a new solution that will remove the burden from GDPR and can even turn it into an asset.
OXIAL GDPR EXPRESS
The OXIAL GDPR EXPRESS solution uses an automated approach to offer 100% GDPR compliance. Targeted primarily at midsized firms in the financial services (FS) sector, it’s a solution based on OXIAL’s years of experience in risk management, IT security and compliance, and crucially can be live and operational in less than 90 days.
We believe strongly that compliance is an on-going process and should be managed as such – this applies just as much to GDPR as it does other forms of compliance. So OXIAL GDPR EXPRESS creates a framework to help ensure compliance, now and on-going in the future.
The framework identifies 130 activities across 13 categories, all relating to compliance with data protection laws and the processing of personal data. These are activities that can be tracked and monitored via automation and ensure that the appropriate privacy management activities have been implemented and maintained on an on-going basis.
This is then used as the foundation for continuous compliance supervision, supporting all requirements for data regulations, guaranteeing personal data confidentiality and providing all the tools necessary to manage claims, provide evidence and anticipate incidents. This digital approach to compliance is the most effective way of addressing GDPR and the perfect solution for midsized firms that aren’t used to managing such requirements.
