When it comes to industries embracing new technologies and digitisation, the finance industry leads the way. Over the last three years, the total global investment in fintech has risen to $31 billion, a significant increase from the $9 billion it was in 2008. With this digital boom the amounts of personal data collected within the industry has also followed on the same trajectory. Recent changes in Financial Crimes Regulation has seen a tenfold increase in the collection of personal data, and with the adoption of the single EU Digital Payment Service Directive (PSD2) predicted to increase the sharing of Customer Personally Identifiable Information (PII) by up to five times, structuring and securing this data has never been so important. An individual’s data is collected for a variety of purposes including Credit risk, Financial Crime, Profitability, Sales effectiveness or background verification checks. When GDPR is introduced on May 25th 2018 it will set a universal … [Read more...] about GDPR and effective implementation for finance businesses
Just about everyone agrees – business regulations are unpopular. Execs dislike the time and money they must spend investing in hardware and software to comply with those that they think don’t apply to their company, don’t help their customers, and don’t improve the business.So, “as soon as I can get rid of it, the better,” is a pervasive attitude. Execs might decide to add some additional servers for extra security, but don’t generally see a need to go further.The approach that many companies are taking to GDPR is akin to the Three Little Pigs fairy tale, where three pigs go out into the world, with the admonition from their mother to “do the best you can in life.” Well, the first two pigs are fun loving. They quickly build their houses of straw and sticks so they have more time to play. The third pig, who is a more serious, takes the time to build his house of brick.When the Big Bad Wolf comes along, he quickly huffs and puffs … [Read more...] about How is the tale of the Three Little Pigs a lesson for GDPR?
The General Data Protection Regulation (GDPR), aka EU Regulation 2016/679, unifies data protection for all residents of the European Union (EU) as of May 25, 2018. Additionally, GDPR also addresses the export and processing of personal data outside the EU, which is where cloud users are getting concerned around compliance.So, what do you do to comply? The spirit of regulation is to protect the privacy of EU residents. While many people believe that this means their data must be kept in the EU country where the person resides, that fact of the matter is that the data can be stored anywhere in the world—as long as its collection and use comply with GDPR regulations.If you’re looking to do business with EU residents, there are a few basic rules to follow. To support those rules, GDPR defines several roles, including data controller, data processor, and data protection officer (DPO): The data controller defines how personally identifiable information (PII) is processed and … [Read more...] about GDPR and the cloud: What you need to know
The deadline for GDPR is getting closer by the minute, however many organisations are still ill-prepared for the many new rules set to come into place. According to new research from Solix, this includes widespread confusion over what the 'right to be forgotten' really means, and how it should be put into practice.Solix claims that two thirds of organisations are unsure if the user's data should be deleted from all systems, forever. And less than half (43 per cent) don't have properly set-up deletion mechanisms and confirmation checks.More than four in five (82 per cent) don't even know where their most sensitive data is stored, and 55 per cent maintain audit trails for data consents."It's clear that the majority of organizations are not currently prepared to meet GDPR requirements," said John Ottman, Executive Chairman of Solix Technologies. "There is an urgency to take steps now, as the enforcement deadline quickly approaches and applies to anyone who is currently operating with … [Read more...] about GDPR ‘right to be forgotten’ still confusing many organisations