GDPR & JumpCloud: Privacy and Security by Design
European Union (EU) data protection laws will experience significant change when May 2018 rolls around, and the General Data Protection Regulation (GDPR) will take the place of the 1995 EU Data Protection Directive. Despite the two-year grace period, “52% of companies believe they will be fined for non-compliance,” and it is predicted that “the EU could collect as much as $6 billion in fines and penalties in the first year” (CSO). There are still six months left to get your house in order, so we’ve created a series of posts on the GDPR that takes an in-depth look at specific components within the GDPR. This post will offer a closer examination of what the GDPR has termed “privacy and security by design” (GDPR Art. 25). If you would like to familiarize yourself with the GDPR, consider exploring this site. If you are not familiar with some of the GDPR terminology, you might find this page of the GDPR regulation to be helpful.
Now, let’s take a look at what privacy and security by design means and the steps you can take to meet this requirement. Then we’ll discuss how JumpCloud intersects with this component of the GDPR.
Privacy and Security by Design Explained
What is privacy by design? Privacy and security by design is building privacy into the systems, processes, and software used in processing personal data. While this concept has been around for quite a while in the tech industry and legal sector, it hasn’t always been implemented elsewhere. Under the old 1995 Directive, privacy and security were required, but data controllers had the option of treating privacy and security as an afterthought. The GDPR changes this and forces controllers and processors to instill privacy and security at the inception of a data collection project and imbue these elements into every tool and process used to collect personal data (Deloitte). This might seem daunting at first, but in the long run privacy and security by design can actually increase the efficiency of your development process.
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/gdpr-privacy-security-design/