Thirteen Essential Steps for Meeting the Security Challenges of the New EU General Data Protection Regulation
Learn how you can begin preparing your information security program for compliance with the GDPR
In May 2018, when the European Union (EU) General Data Protection Regulation (GDPR) becomes enforceable, every multinational business offering products or services to EU residents will be required to adhere to a strict set of data privacy and security measures. These requirements will apply equally to your operations and to those of your business partners. They call for the use of emerging technologies and systems-design concepts that may be new to many information security professionals, especially those in the US.
To help you address the challenges of GDPR compliance, this paper is divided into five sections:
- A brief overview of the GDPR
- Why the Regulation should be important to information security professionals
- 13 essential steps you should take to help ensure GDPR compliance
- A glossary outlining key concepts of the Regulation
- A summary of information security considerations posed by the EU Data Protection Directive 95/46/EC and the GDPR
“Thirteen Essential Steps to Meeting the Security Challenges of the New EU General Data Protection Regulation” was written by Scott Giordano, an attorney with nearly 20 years of legal, technology and risk management consulting experience. Mr. Giordano holds Information Security Systems Professional (CISSP) and Certified Information Privacy Professional (CIPP) certifications. He is a subject matter expert on the intersection of law and technology as it applies to e-discovery, information governance, compliance and risk management issues.