For questions and discussions around GDPR
- 3 Topics
- 8 Replies
Records Management & Information Management
A client of mine is one of the small but specialized University Colleges in South Africa. Management has identified a weakness in records management and management of information across functional areas and the Academic stream of the institution. During my environmental scanning of the institution, I concluded that systems integration and information architecture need to be addressed first as a steppingstone towards improving the flow of information to and from the functional areas. The concept of records management takes a distinctive feature towards information security in this regard. Consequently, matters of risk management become truly relevant to the responsibility conferred on the council of the institution. Logical as it may be, the ownership of information remains in the hands of the functional heads, yet the health state of operational systems and the systems security continue to be the responsibility of the CIO/CISO. Now, with a robust platform like DRATA certain aspects of the problem s
Audit/Attestations for GDPR?
I have a couple of questions about GDPR. I’ve reviewed the .eu guides and checklists at https://gdpr.eu/data-privacy/ - but what information should we as an organization have available to show we comply with regulations? I know for SOC 2 you have an output of several different report options, but is there an equivalent for GDPR? Is it really just self assessments?
Debunking the Top 5 GDPR Myths and Misconceptions
The General Data Protection Regulation (GDPR) has made itself known and important in the security world since its passing in 2018. With GDPR being a more recent law, there are some misconceptions around who it applies to, what it is, how it affects companies across the globe, and much more. After numerous customer calls and questions around GDPR, we’ve picked some of the most common GDPR myths to dispel for you. Read Troy Fine’s full article
- 🚫 GDPR is a security framework. ✅ It’s technically a privacy regulation & the primary focus is ensuring that personal data is processed appropriately.
- 🚫 GDPR doesn’t apply to companies outside of the EU. ✅ It applies to any organization that processes/holds personal data of EU residents.
- 🚫 GDPR only protects EU citizen data. ✅ It protects both citizens and residents of the EU.
- 🚫 GDPR doesn’t apply to small businesses. ✅ It applies to businesses of all sizes.
- 🚫 GDPR-like regulations will remain in Europe. ✅ Similar regulations have already extended beyond