05.29.2018

Should U.S. companies be GDPR compliant? The short answer is yes. The General Data Protection Regulation (GDPR) is the European Union’s (EU) strengthened data protection rule covering all citizens of the EU, no matter where they are located in the world. Taking effect on May 25th, 2018, the law aims to give control of personal data back to the individual and to place restrictions on ‘hosters’ and ‘processors’ of that data.

While enforcement of the GDPR is still under debate, this is not a compliance program to be ignored by anyone outside of the EU. If you are an organization that happens to have the name, address and any other data point of a person from the EU in your data logs, you need to prove compliance or face stiff fines.

By Ed Gorczyca, Chief Compliance Officer, Optimal IdM
