EU GDPR COMPLIANCE

The Cocoon Data solution for GDPR

At the core of GDPR compliance is the need for organisations to understand where personal data is stored, apply appropriate controls to secure that information from unauthorised access, and monitor for malicious activity. As with other privacy compliance programs, file sharing and collaboration create unique challenges that the Cocoon Data platform can address. Cocoon Data’s products allow organisations to locate personal data, encrypt that information, centrally manage permissions to protect against unauthorised access, and log all permitted and denied access requests to secured personal data.

Admin & Audit

Control privileged IT administrator account access to data and audit/monitor all permitted and denied access requests

Granular Permissions

Granularly enforce permissions to download, view, or change data

Strong Encryption

Encrypt personal data no matter where it is stored or how it is used

Central Storage

Centrally and securely store regulated data in a single managed platform

GDPR Overview

The General Data Protection Regulation applies to businesses within and outside the European Union that collect personal data belonging to EU citizens. The goal of the GDPR is to establish a consistent regulation for the privacy of personal data, as “rapid technological developments and globalisation have brought new challenges for the protection of personal data.”

Compliance with the GDPR requires the creation and enforcement of several technical and administrative controls. Specifically, sections 2 and 3 of the GDPR require impact assessments, security controls, and notification of data breaches. Organisations must notify the authorities within 72 hours of becoming aware of a breach. The organisation does not need to notify the data subject (citizen) of a breach if the organisation has appropriate measures “applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption.”

Ignoring the compliance obligations under GDPR is not an option. Fines for breaching the regulation can be up to €20 million, or 4% of annual worldwide turnover, whichever is higher.
