Solutions and products for implementing security measures in line with the GDPR

The General Data Protection Regulation of the European Union (GDPR) along with currently valid Act No. 181/1014, on cyber security and personal data protection place emphasis on protection of personal and sensitive information in large enterprises throughout the state, public and private sector. GDPR brings several major changes in the obligations of institutions that work with personal or sensitive data and requires compliance with these obligations from May 2018.


What changes does GDPR bring?

Process

GDPR brings a new obligation of entities working with personal or sensitive information to notify any leakage of personal information to the relevant authorities within 72 hours.

Organisational

GPDR requires the establishment of new positions – a
Data Protection Officer (external/internal) for consulting security measures and processes related to personal/sensitive information, and a Personal Data Manager in organisations.

Technical

The requirements arising from GDPR also oblige organisations to introduce adequate tools for providing sufficient information for the authorities and securing data against theft as part of their prevention and to avoid being penalised.

The experience and products of SODAT Software can give you a head start in meeting the GDPR requirements. File movement tracking, machine data processing and assessment, and encryption will help you comply with the EU regulation. The following tables provide an overview of the services and combinations of solutions reflecting the GDPR requirements with regard to monitoring and securing personal and sensitive data, which will help you not only meet the statutory requirements, but also ensure data security effectively.


Services relating to GDPR

Service title

Description

Benefits

Compliance with laws

Personal and data audit Processing and assessing records of employee activities, analysis of data flow through the organisation using automated data processing and assessment technologies (SODAT Analytics) Mapping and assessment of the behaviour of users at terminal stations focusing on data movement. Generating a summary report with audit results. Support in introducing and processing the Data Protection Impact Assessment.


Solutions relating to GDPR

Solution title

Description

Measures

Compliance with laws

SODAT Protection Monitoring activities of users at the organisation’s terminal stations, monitoring the movement of data in external devices, discs and networks. Collecting records of user access to the organisation’s information system. Monitoring and recording the use of applications processing personal data. Monitoring of data movement in the organisation. Documentation and record keeping for work with documents containing personal data.
SODAT Analytics Fast and clear assessment of the monitored data using machine learning and detection of anomalies in user behaviour. Systematic monitoring and supervision of working methods and behaviour of users within the information system. Notifications of responsible persons of potential incidents. Support in introducing and processing the Data Protection Impact Assessment. Regular checks of the effectiveness of measures relating to personal data protection.
SODAT Encryption Cryptographic protection of the data saved at terminal stations, external devices, file servers and cloud storage spaces. Support for two-factor user authentication. Management of access to external devices. Securing data using online file encryption in the storage site, ensuring access to data exclusively to the data owners and authorised persons. Control and limitation of access to external memory devices. Protection of data saved in external devices. Adequately securing data containing personal details against unauthorised access. Securing data during their transfer and storage.