Capax Discovery’s GDPR Compliance Solution
Capax Discovery is proud to introduce our new GDPR Compliance Solution. At Capax Discovery, we understand the complexity and implications of the EU’s new General Data Protection Regulation, and we can provide you with the expertise, solutions, and guidance to ensure that your organization is in a complete state of readiness ahead of the May 25, 2018 deadline.
What is the European Union’s new General Data Protection Regulation?
The EU’s new General Data Protection Regulation [GDPR] legislation was approved and adopted in April 2016. It is designed to simply protect the privacy rights of all EU citizens. However, the significant global implications it carries are far from simple. Almost every type of business, location, and vertical will be affected. GDPR doesn’t just apply to companies in the European Union; organizations outside of the EU, which are targeting consumers in the EU, or have customers in the EU, are subject to the regulation.
This new legislation, a marked evolution in the regulatory pursuit of privacy protection, is a complex and layered framework that demands a compliance ecosystem with evolved capabilities around security, privacy, and governance. Fundamentally, all organizations that store and process EU citizens’ data must obtain consent to do so and most importantly, have the capability to respond to subject access requests.
These stringent mandates will impact multinational organizations all over the world in regard to how they will manage both structured and unstructured data that resides in their enterprise. To begin addressing these mandates, organizations must perform a preliminary identification and classification of the data that is currently within their environment. Once this exercise is complete, organizations will need to institute a continuous monitoring and governance program.
The implications of a failure to comply are significant – a fine of up to €20 Million or 4% of annual turnover. The reputational damage is unquantifiable. Fortunately, Capax Discovery’s new GDPR Compliance Solution is available immediately to assist all of our client’s GDPR needs [including the essential continuous monitoring component].
What will your organization be required to do?
GDPR classifies organizations as Data Processors or Data Controllers, and your organization will be responsible for understanding how to identify with the mandates specific to those classifications.
Data Controllers are the natural or legal person, public authority, agency, or any other body which determines the purposes and means of processing personal data.
Data Processors are the natural or legal person, public authority, agency or any other body which processes data on behalf of a data controller. An example of a processor would be a payroll services company.
It is possible, based on the way in which data is leveraged within your organization, you may be both a Data Controller and Data Processor. Regardless of how you identify your organization, it is most important to take control of your data by implementing a holistic governance program [such as our Capax Discovery GDPR Compliance Solution] that is all encompassing, measurable, and repeatable.
What is your organization’s risk?
To be GDPR compliant does not mean taking part in a one time exercise to clean up data. GDPR compliance will require continuous monitoring and oversight to ensure ongoing adherence to the mandates.
One of the primary challenges will be fulfilling data access requests. Article 15, Right of Access, empowers citizens to request copies of their personal data as well as information on how their personal data is being processed. Further, citizens are also empowered to request that their data be completely deleted or moved. Organizations only have weeks to respond/satisfy these requests.
Before an organization can even think about how to fulfill one of these requests, evaluating their overall information governance posture is a good starting point, albeit a daunting task without our Capax Discovery GDPR Compliance Solution.
One particular area of concern is file shares. File shares, SharePoint repositories, and other enterprise file sync and share applications tend to have little to no governance. Organizations should scrutinize these repositories and the relevancy of the data that is stored; evaluating access controls to assess whether entitlements to data are valid. Often these repositories become a storage bin for redundant, obsolete, and trivial data (ROT). In fact, it is estimated that 75% of enterprise file shares contain data that has little to no business value.
Data access requests, however, are not limited to an organization’s active data – archive and backup repositories are also in play. It is necessary to evaluate retention policies, ensuring that they are all-encompassing and are properly implemented and enforced.
How our Capax Discovery GDPR Compliance Solution can help you
At Capax Discovery, our compliance team is ready to put your organization in a state of GDPR readiness, with the ability to confidently satisfy the mandates on a continuous basis.
With our GDPR Compliance Solution’s Data Light technology, we provide complete GDPR readiness by design with powerful identification, classification, and control capabilities that stratify hundreds of data and file types across the entire information landscape:
– A powerful GDPR and PII management console with intuitive workflow
– Rapid and seamless response to data subject access requests
– Control across all data types within a single platform (email, files, IM, social media, SMS, etc.)
– Unparalleled scalability into the multi-petabyte range
– Dark data penetration through powerful OCR and A/V transcription engines
How our GDPR Compliance Solution helps Microsoft Office 365
If your organization is utilizing Microsoft Office 365, it has shortcomings that can compromise GDPR compliance. Fortunately, CAS O-Bridge, our new Microsoft Office 365 bridge application, is the complementary solution to address GDPR compliance gaps. It is a transformative technology with bi-directional integration between the CAS archive and Microsoft Office 365. This integration now provides CAS customers with an unprecedented layer of security and corporate communication oversight.
CAS O-Bridge for Microsoft Office 365 is the only archiving solution that provides a single platform to compliantly delete offending items from both the archive repository as well as Microsoft Office 365, unlike competitive solutions which only enable you to take action upon the archive repository.
Contact Capax Discovery to create your GDPR Compliance Solution
Give Capax Discovery a call today to discuss our GDPR Compliance Solution, schedule a demo of our solution and learn how we can help your organization become GDPR ready by May 2018.
*Please contact JJ Contessa, Director of International Sales and Marketing: