ENOVENTUM Labs helps its clients protect their sensitive personal data in the spirit of GDPR

Audit and Consulting
Software solutions
Professional services and training

GDPR strengthens the protection of EU citizens’ personal data

GDPR Highlights

  • GDPR is a new data protection regulation, replacing the previous data protection directive 95/46/EC. It will become enforceable from May 2018.
  • It creates a common, harmonized, EU-wide legal framework that covers both EU citizens sharing personal data and companies using that data.
  • Its aim is to enhance the rights of EU citizens over their personal data and thereby to increase their trust in services building on that data.
  • GDPR describes detailed obligations for companies committed to building trustworthy services, accompanied by sanctions for those that will not be able to prove compliance.

If your company collects, processes or stores personal data (such as names, ID numbers, location data, IP addresses, e-mail addresses, or information specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a person) from its EU customers, then regardless of your company's location in the world, there is a good chance that it will be

  • accountable for compliance with the Data Protection Principles of GDPR
  • responsible for implementing appropriate technical and organisational measures to ensure and to demonstrate that its processing activities are compliant with the requirements of the GDPR.

If you provide services to customers who are subject to GDPR, and your services entail personal data processing on behalf of your customer, then chances are rather high that GDPR will affect your company as well. It is very likely, in fact, that your B2B services will have to be provided strictly in accordance with the instructions of your customer, creating new compliance requirements for your service.

  • GDPR demands transparency in handling personal data of EU citizens. The promoted “Privacy by Design” approach has a potential impact on many enterprise areas, including but not limited to legal agreements, processes, roles, security systems, and data collection, processing and storage methods.
  • GDPR places the burden of proof on the enterprise, requiring it to be able to prove its readiness with documentation of the steps it has taken and the systems it has put in place.
  • Significant infringement and negligent behavior may result in fines of up to 2% of total global annual turnover or €10m (whichever is the higher), or in certain cases even 4% of total global annual turnover or €20m (whichever is the higher).
  • Assess – Enterprises are recommended to conduct a systematic assessment of all areas potentially impacted by GDPR. In the age of cloud computing, special care needs to be taken in assessing third-party services.
  • Design and Plan – The gaps identified during the assessment phase should be covered with GDPR-compliant legal, organisational, management and technical solutions and the necessary transformation plans.
  • Implement – This step brings the corporate-wide deployment of the GDPR-compliant solutions, including the software systems identified in the previous steps. During the transformation, consistent documentation should be created of the measures taken to establish compliance.
  • Maintain – Once the transformation phase is completed, the implemented measures need to be regularly reviewed and updated as the business evolves.
      • GDPR aims at increasing consumer trust in using services utilizing personal data. A harmonized EU personal data market is estimated to reach €1 trillion by 2020.
      • At the same time the EU estimates that a harmonized legal framework for handling personal data will bring €2.3 billion in economic benefits.
      • We expect GDPR to have a major impact over time on future customer perception and choice, therefore we expect it will impact company brands as well.
      • Data breach incidents come with significant additional costs, a fact which is often overlooked by companies. GDPR mandates a higher level of readiness in protecting customer personal data, lowering the risk of experiencing data breach incidents.

    Audit and Consulting

    Our team will help you assess your GDPR maturity stage, highlighting the areas that need your attention. This can include testing your current solutions (i.e. penetration testing). Additionally, we are ready to recommend measures to tackle the identified gaps.

    Software solutions

    Our team of experts will recommend software solutions to improve the GDPR compliance of your IT. Areas of focus include products covering audit data creation, data access control and incident management.

    Professional services and training

    Our expert team will help deliver the software solutions that best fit your needs. We are at your service when it comes to deploying, setting up, configuring and training on the identified solutions.

    Find out more about how GDPR affects your company!