Easily Comply with GDPR (PDPA in Thailand)
Prepare for the strictest personal data protection regulation in the EU
GDPR (General Data Protection Regulation) is a European Union regulation on the protection of personal data, and it applies to every company and state organization in the EU.
What security measures do you take to guarantee personal data protection in your company?
What does the new GDPR / PDPA mean for you?
Fines for not complying with GDPR can go up to 20 million euros or 4% of a company’s overall income, whichever is higher.
Each and every organization has to consistently protect personal data. You also have to protect employee personal data, customer information, patient databases, etc.
Effective Data Protection
Your company has to be ready to prove that your technical and organizational measures for data protection function properly.
Compulsory Reporting of Data Breaches
The Data Protection Authority must be notified within 72 hours of breach discovery.
Data Processing Permission
Free and clear authorization is required. Requests for approval must be simple and easy to understand.
Expanded Definition of "Personal Data"
Personal data also includes email addresses, IP addresses, cookies, and genetic and biometric information.
Right to be Forgotten
Each person has the right to require that you delete his/her personal information without delay.
Dedicated "Data Protection Officer"
Organizations systematically processing personal data are required to have a person appointed to the role of “Data Protection Officer”.
Personal data protection must be implemented in the design stage of a security measure.
What personal data does your organization need to protect?
- Personal employee data (name, address, date of birth, etc.)
- Information about customers, patients, clients (marketing databases, medical records, contact lists)
- Data transferred to third parties (accounting books, credit registers, direct marketing)
- Non-public personal data of business partners and providers
- Any other information that could serve to identify a person
You must protect all personal data from being misused. Are you, right now, able to guarantee that your customer and employee records are safe? How do you handle the risk of a data breach during data transfers, e.g. to your payroll accountant?
How to secure your data to comply with GDPR / PDPA
1. Data Audit
See how data is actually handled in your company.
Safetica can help you with this. The Safetica solution monitors the movement of important documents, who opens them, and how they are handled.
2. Rules for working with documents
Set clear rules for who can work with personal data and how.
Safetica ensures that your security policies will not only exist on paper, but will also be used in practice.
3. Employee education
Every employee should know which information needs to be handled with sensitivity and how it should be treated.
Safetica informs employees about security rules and thus helps to strengthen data protection.
4. Data encryption
All media containing personal data should be encrypted – that’s what GDPR directly recommends.
Thanks to the centralized encryption management of entire disks, Safetica makes it easier to encrypt media throughout the whole company.
5. Data leak prevention
Data leak prevention has to be comprehensive and it must secure all communication methods – email, print, USB drive, DVD, mobile devices, etc.
Safetica ensures that only data that has been secured can leave your company.
6. Protection of physical copies of documents
CVs, employment paperwork or contracts – keep all these documents safe when they are not in use.
Safetica allows you to manage which sensitive documents can be printed, so you can make sure that even a printed copy of your contacts database won’t get stolen.
7. Back-up and tools for quick data recovery in case of blackout or accident
GDPR requires companies to have the ability to recover personal data in case of technology failure. This is also crucial for other systems in your organization.
8. Network security and protection against external attacks
In addition to antivirus, don’t forget about system updates, correct network settings, firewalls or other technologies (IDS/IPS, honeypots, etc.) for network protection.
Safetica – personal data protection in accordance with GDPR / PDPA
With Safetica it’s easy to comply with strict GDPR requirements.
You’ll have a better overview of what’s going on in your company, you’ll see how employees treat sensitive data, and you’ll eliminate the risk of personal data being misused. When there’s a security threat, you’ll be notified in real time, and if there is a problem, you’ll have easy access to all the information you need for compliance reporting.
The statements given herein are for information purposes only, and they do not represent the comprehensive list of GDPR / PDPA regulation requirements. They are neither a substitute for legal consultation, nor an individual analysis of requirements for GDPR / PDPA compliance.