EU GDPR COMPLIANCE

The Cocoon Data solution for GDPR

At the core of GDPR compliance is the need for organizations to understand where personal data is stored, apply appropriate controls to secure that information from unauthorized access, and monitor for malicious activity. As with other privacy compliance programs, file sharing and collaboration create unique challenges that the Cocoon Data platform can address. Cocoon Data’s products allow organizations to locate personal data, encrypt that information, centrally manage permissions to protect against unauthorized access, and log all permitted and denied access requests to secured personal data.

Admin & Audit

Control privileged IT administrator account access to data and audit/monitor all permitted and denied access requests

Granular Permissions

Granularly enforce permissions to download, view, or change data

Strong Encryption

Encrypt personal data no matter where it is stored or how it is used

Central Storage

Centrally and securely store regulated data in a single managed platform

GDPR Overview

The General Data Protection Regulation applies to businesses within and outside the European Union that collect personal data belonging to EU citizens. The goal of the GDPR is to establish a consistent regulation for the privacy of personal data, as “rapid technological developments and globalization have brought new challenges for the protection of personal data.”

Compliance with the GDPR requires the creation and enforcement of several technical and administrative controls. Specifically, sections 2 and 3 of the GDPR require impact assessments, security controls, and notification of data breaches. Organizations must notify the authorities within 72 hours of becoming aware of a breach. The organization does not need to notify the data subject (citizen) of a breach if the organization has appropriate measures “applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption.”

Ignoring the compliance obligations under GDPR is not an option. Fines for breaching the regulation can be up to €20 million, or 4% of annual worldwide turnover, whichever is higher.
