Optiv has the proven ability to look at a client’s security and privacy program holistically while also ensuring relevant industry regulations and compliance requirements are met.

GDPR Requirements and Compliance Services for Your Business

The General Data Protection Regulation (GDPR) came into effect in May of 2018. GDPR standards impact organizations residing in the European Union (EU) as well as those that merely transmit EU citizen data, and global companies are working frantically to comply with this sweeping regulation. Adding to the complication, the new GDPR requirements affect departments enterprise-wide, requiring them to work cross-functionally across the organization.

Optiv Security assists organizations with GDPR compliance regulations, including the following cybersecurity requirements:

  • Defines lawfulness of processing data to include consent by data subjects, privacy by design, the right to be forgotten and data portability requirements
  • Outlines GDPR responsibilities of both controllers and processors
  • Requires Privacy Impact Assessment and appointment of a Data Protection Officer (DPO)
  • Enforces strict breach of GDPR compliance notification requirements

 

What is GDPR Compliance?

The GDPR compliance regulations checklist outlines four categories of responsibility for online entities serving EU citizens. Lawful Basis and Transparency security standards require companies to conduct an information audit to determine what information is being processed and who has access to it, to have a valid justification for these activities and to clearly articulate the rationale for these policies. The Data Security component outlines requirements around anonymization and encryption, as well as your process for notifying authorities and victims in case of a breach. Accountability and Governance details how internal and external program responsibilities are to be staffed and managed. And Privacy Rights makes clear what customers are entitled to and what information the site is obliged to provide.

GDPR represents an opportunity for organizations to strengthen customer relationships and help repair the damage bad actors have done in the public eye. Companies that embrace consumer privacy as part of their strategic mission are not only avoiding sanctions; they’re building their brands – and are perceived as more trustworthy in the market.

Number of DPOs needed to satisfy the GDPR requirement in the U.S.

Maximum number of hours allowed to report a security incident once it has been discovered.

Percentage of U.S. companies reporting they possess EU citizen data and therefore require GDPR data protection.

How We are Different

Optiv’s Approach to GDPR Compliance

Optiv assists organizations with six key security components of GDPR:

  • Data Governance – Understand GDPR compliance regulations as they relate to the business and then activate a plan to meet those obligations.

  • Data Classification – Analyze what data is relevant to GDPR standards and develop a proper classification scheme for ongoing data management.

  • Data Discovery – Determine where sensitive data is stored across your environment and set up policies and procedures to manage GDPR data protection.

  • Data Access – Recognize who has access to data and set up policies and procedures for access management and governance.

  • Data Handling – Prepare for the chance of an incident and ensure that plans are in place to meet GDPR compliance regulations regarding the handling of sensitive information.

  • Data Protection – Plan, build and run an appropriate security program for the protection of sensitive information.

Consolidated List of GDPR Services & Additional Capabilities from Optiv
