General Data Protection Regulation
What is the GDPR, and when does it apply?
The digital economy has transformed the way personal data is circulated on a global scale. Protection against leaks and intrusions is now a priority at national and international levels.
In order to safeguard the rights of EU citizens, the new General Data Protection Regulation (GDPR, 2016/679) was adopted in April 2016, and took effect in May 2018.
Who is impacted by the GDPR, and how do the fines work?
Unlike its predecessor the Data Protection Directive (95/46/EC), the GDPR has an international reach. It impacts any organization worldwide that collects, processes – or even transfers – personal EU citizen data.
Financial penalties with the GDPR are unprecedented. Any organization failing to implement sufficient precautions for the protection of personal EU citizen data can incur fines reaching 20 million EUR or 4% of turnover worldwide, whichever is higher.
What are the main causes of data leakage?
Gartner and Forester statistics show that 70% of security-related incidents and 80% of risks originate with companies’ internal employees and that 65% of risks are never detected.
A high risk area is software testing. Test quality depends on using realistic test data. It is therefore common practice to subset production data into insecure test environments, exposing personal information to unauthorized personnel.
“70% of security-related incidents come from internal sources” -Gartner
How can I protect my business from data leakage?
“The risks of unmasking or re-identification in masked datasets are increasingly a concern, as organizations build complex big data environments” – Gartner Research, 2018
Pseudonymization or anonymization is highly recommended in the GDPR regulation. Data is irreversibly de-identified and de-sensitized so that personal information remains anonymous in the context of support, analytics, testing, or outsourcing.
Designed to meet the strictest requirements of the GDPR, DOT Anonymizer is a high performance, multi-platform and multi-database solution with a variety of configuration options to anonymize test data while preserving their usability.
Detection of personal data & Data Masking with DOT Anonymizer