GDPR and data archiving
Data Iceberg provides tools to assist Data Protection Officer in performing his/her duties.
Comprehensive Audit Trails and alarms helps DPO to notify the supervising authority regarding data breach.
Data Iceberg allows strong encryption that renders the personal data unintelligible to any person who is not authorized to access it. According to Article 34(c), the notice to data subjects is not required if the data controller has implemented appropriate technical and organizational protection measures.
The solution contributes to Data protection by Design and by Default, which requires that data protection is designed into the development of business processes for products and services.
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The GDPR was approved and adopted by the EU Parliament in April 2016. The regulation will take effect after a two-year transition period and, unlike a Directive it does not require any enabling legislation to be passed by government; meaning it will be in force May 2018.
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.