If you're tasked with marketing,
Pragmatically speaking, there is currently no definitive or complete checklist for GDPR compliance. Creating an accurate compliance checklist for GDPR requires that GDPR violations be comprehensively defined. But when SecurityGate took a deeper look at GDPR for our clients, we realized a surprising truth: there are no precise standards.
In comparison, the National Institute of Standards and Technology defined and published NIST SP 800-171 (see my recent blog post on this subject) well before the implementation deadline, and it contained very clear explanations of controls and guidelines for implementation. Unfortunately, the EU Article 29 Data Protection Working Party, which will become the European Data Protection Board on May 25, 2018, does not duplicate this level of effort. The EDPB will be responsible not only for providing guidelines for GDPR compliance but also for enforcing the penalties incurred from non-compliance.
In my opinion, an example of the ambiguity in the GDPR compliance standards follows:
We recognize that many businesses don’t have the resources necessary to properly formulate a plan. So how is a company supposed to be ready for GDPR? In my opinion, there are basically three options, all of which have pros and cons.