CM – Tech experts discuss the 3rd anniversary of the GDPR

May 25th marked three years of General Data Protection Regulation in the UK, with cybersecurity concerns mounting.

The UK’s data protection authority, the Information Commissioner’s Office, recently released data between July 1st and December 31st October published. The ICO was found to have received 2,594 data breach reports, with EU data protection authorities taking over 700 enforcement actions.

In response, a joint article was written incorporating the knowledge of many tech experts. Faisal Abbasi, Managing Director EMEA at Amelia, spoke about how companies need to manage sensitive data.

He said: “For customer-centric organizations in the financial, banking and insurance industries – and increasingly also in the healthcare sector – the data-related challenges are becoming increasingly complex as more data is generated to define business needs, and more people are now doing their jobs. « and at home lives on personal devices. »

He also pointed out that the failure to keep this personal information secure to manage, costly and harmful, and lead to a breach. He said, « For this reason, in many regulation-intensive industries such as banking and insurance, we are seeing an increase in the number of companies using AI-powered digital workers to improve the skills of human workers in handling sensitive data. »

Abbasi also explained that these “digital employees” can act as “whisper agents” to guide their human colleagues through certain rules and processes. He found that doing so can go a long way in reducing the likelihood of human error in handling privacy risks and preventing unauthorized disclosure of data.

Liz O’Driscoll, Head of Innovation at Civica, spoke about the importance of the Public trust in data protection. She said, “Be it personal banking information or mRNA vaccine codes, personal information is extremely valuable, which makes privacy all the more important. With increasing innovation, we are getting better at protecting this data and using it as a force for good. This improves citizen confidence at a time when the pandemic has increased the government’s reliance on data to provide critical information and services to the public. ”She also said that with the introduction of the GDPR Ensuring companies put privacy first to build public trust. She said, “In order to build trust among citizens, person-centered services are becoming more important. These services can adapt and respond to our preferences and enable earlier interventions for those most in need. ”

Declan Dickens, Senior Manager, Northern Europe at Checkmarx, said there is still a lot of need for privacy accountability. He said: « A new report found that over 661 fines totaling € 292 million have been imposed since GDPR was enforced – a worrying figure. It is important that both legislators and organizations do not become complacent in this critical effort. ”He also spoke of the problems of fragmentation and gray areas that are still contained within the GDPR, he noted that the GDPR and data protection should be a « living, breathing initiative ». Dickens also spoke about how companies need to align themselves with GDPR requirements.

He said: « For those who want to stay compliant, we recommend that they follow the ‘Privacy / Security by Design’ rule first – ensure that data security and data protection are taken into account during the planning phase of a product or solution and not during development. Protecting data from attackers by default. ”He also said that companies must use gap analyzes to identify weaknesses in the processing of their data flow in existing operations .

Chris Huggett, Senior VP, EMEA & India at Sunguard AS, stated that working remotely poses new challenges for data protection. Noting that the pandemic has led to a dramatic increase in cloud spending, he said, “while hybrid and public cloud solutions were the natural choice in this case, organizations need to be aware that a distributed model of the Data storage poses a challenge to one of the most important facets of GDPR compliance: knowing exactly where data is. ”

He also pointed out that companies moving to the public or hybrid cloud need to ensure that transparency is not sacrificed. He said, “The GDPR is now driving the adoption of managed, sovereign cloud solutions along with along
other factors such as cybersecurity and the insecurity of data transfers after Brexit. Such solutions are critical to bridging the growing gap between operational flexibility and regulatory compliance and to give companies a feeling of security when migrating to the cloud. ”

Adam Mayer, Senior Manager at Qlik, spoke about the value of Data for modern businesses. He said, « Real-time data is one of the most valuable resources for today’s business, enabling companies to make the right decisions at the right time based on customer needs. » He also pointed out that this speed of data transfer is not at the expense consumer privacy and that companies need good governance in the way they collect, use and store data, especially personal data (PII). He said, “Understanding the origins of the data, managing access through a data catalog, and providing data literacy training so employees understand how to responsibly draw from and use various data sources are all keys to ensuring operations wins at the speed of business. They’re not helping to create new compliance concerns. ”

Mayer also said that this new volume and speed of data transfer is encouraging companies to move away from traditional governance approaches and think about how analytics itself does Can support GDPR compliance. He said « 

He said, » Analytics programs can help IT teams visualize and manage who has access to what information and whether it remains relevant to their role. For example, this could be by merging different sets of data on user access controls and HR lists of leavers, newcomers and changers are made to ensure there are no anomalies that leave people with access to information that is no longer appropriate to their role. ”Finally, he said,“ Analytics can do that too help to proactively manage data retention policies so that personal data is not retained for too long, i.e. when it is no longer needed after form processing or is retained without consent. Analytics platforms can assess when personal data must be disposed of in a timely and safe manner Ultimately, helping companies find real intelligence in implement data protection management to reduce the risk of human error and streamline processes for IT teams. « 

Irish Tech News is Ireland’s No. 1 online tech publication and often Ireland’s No. 1 tech podcast.

You can find hundreds of fantastic previous episodes and subscribe to them on any platform through our Anchor.fm page here: https://anchor.fm/irish-tech-news

if you featured in any of the upcoming podcasts email protected now to discuss this.

Irish Tech News offers a variety of services to help promote your business. Write to us now at [email protected] to learn more about how we can help you reach our audiences.

#mc_embed_signup {background: #fff; clear: left; Font: 14px Helvetica, Arial, Serif; }}
/ * Add your own style overrides for Mailchimp forms in your site style sheet or in this style block.
We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. * /