What is it ?
Put simply it is a set of new policies adding to the current Data Protection Laws in the EU.
Companies will be required to respect "the right to be forgotten". This means that you must be fully in control of your data in such a way that all digital traces pertaining to any individual must be fully deleted should the request be made.
Whats is in scope ?
Basically all of your data must be cleansed of any identifying data if requested. This will include all past and present data including archives and backups.
What if I dont comply with a request ?
Penalties will be imposed of up to 4 percent of worldwide turnover.
How should this be implemented ?
You will need to be able to demonstrate a process which is implemented and fully documented which complies with each request.
What problems need to be overcome ?
The biggest issue is knowing your data. In other words having fully indexed data and systems which will ensure this can be conducted in a thorough and effective manner.
When does it come into effect ?
If a request is made by an individual to "be forgotten" then presumably there should also be no record of the request itself being made. This surely would make it very difficult to prove that the request was ever received and implemented. A more thorough understanding of this type of question needs to be investigated.
For more information visit http://www.eugdpr.org/
Many companies have little to no email retention policies in place. The idea here is to ensure that if a business related email is required...
Off topic.......configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software. Many people have had issues getting these cameras...
So it looks like the Government will finally get the law passed requiring websites to retain all user browsing activity logs for a minimum o...
On April 12th, 2016, a crucial security bug in Windows and Samba will be disclosed. It has been named Badlock and like Heartbleed it has...