Since May 2018, the new EU General Data Protection Regulation (GDPR) has been in force to optimise the protection of personal data and to standardise data protection requirements in all EU countries.
The new regulation requires companies to align their processes, procedures and security policies. Security and compliance experts must know the new requirements of the GDPR in order to be able to comply with regulations for employees, processes, guidelines and technologies.
The new law covers a wide range of privacy and security issues, from consent to governance.
Businesses not only need to protect personal information, but also other data that, when combined, allows for the identification of a person. In addition, companies are expected to integrate security and privacy into their systems and to do so by default. Security is no longer an option, but a requirement that must be met.
With fines of up to €20 million or 4% of total worldwide annual turnover (whichever is greater), the GDPR fundamentally changes the data security cost/benefit analysis for every company that is represented in the EU, whether physically or only indirectly and virtually.
Main measures for GDPR compliance:
- Knowledge of legal requirements
- Know the storage locations of confidential data
- Keep the number of data stores as low as possible
- Control and monitor access
- Manage and protect data
- Encryption and key management
With Arrow's manufacturer and product portfolio, we offer you the ideal basis for taking the appropriate information security measures.
In accordance with Article 35 (Data Protection Impact Assessment), Arrow designs products to perform comprehensive security assessments and take risk management measures.