European Union General – General Data Protection
Global – All organizations located inside or outside the EU, if they offer goods or services to, or monitor the behavior of, EU residents.
Notification of breach to Supervisory Authority must be reported to the relevant regulator within 72 hours upon discovery/confirmation.
Notification to Affected Data Subjects is required where there are high risks identified.
Audits, Investigations, Significant Fines (Up to $1.5 million in fines per year), and possible Criminal Penalties.
EU GDPR Requirements
Lawfulness of Processing
Security of Processing
Communication of a Personal Data Breach to the Data Subject
Take into account appropriate safeguards, including encryption:
Implement technical and organizational measures to ensure a level of security appropriate to risk, including:
Avoid notifying all affected individuals and potential fines if:
The European Commission and Member States determine whether a third-country provides adequate protection; if not, strict regulations must be adhered to, and strong safeguards must be implemented.
SecureDoc Full Disk Encryption protects your data-at-rest and strengthens technical and organizational measures to ensure a level of security appropriate to risk.
SecureDoc Enterprise protects personal data to significantly reduce the threat of a data breach, helping you avoid the damaging fines and reputational damage associated with breach notification and non-compliance.
SecureDoc CloudVM strengthens GDPR Data Sovereignty requirements and reduces the burden of compliance associated with International Data Transfers by applying location-, time and cloning-based restrictions to ensure that EU resident data is only stored and processed in EU data centers.
SecureDoc CloudVM’s portable, persistent encryption ensures that no matter where a VM is cloned or moved, it will remain protected from unauthorized access or disclosure, even in third-countries with inadequate protection.