Comply with the GDPR and NIS Directive by May 2018

March 22, 2017 BY iTGRC Asia Ptd Ltd.

        In Asia, Look no others and wait no further. Following elements of the GDPR (General Data Protection Regulation) NOT to be neglected for ...

Treat it with Priority in Asia, 2017. Comply with the GDPR and NIS Directive by May 2018 to avoid the fines associated with a data breach. Click the above for further detail. 

 
 
 
 
In Asia, Look no others and wait no further. Following elements of the GDPR (General Data Protection Regulation) NOT to be neglected for operators of essential services and digital service providers from all over the world, a further 6 months from May 2018 that it shall apply:
 
• Data must be processed lawfully, fairly and in a transparent manner.
• Personal data should be protected through pseudonymisation and encryption.
• Personal data can only be collected for defined purposes, and storage limitations will apply.
• Organisations have to meet new requirements to secure data subjects’ consent.
• Data subjects have been granted extended rights.
• Organisations need to be able to demonstrate compliance.
• Data subjects can bring legal action against organisations in case of data breach.
 
The GDPR will come into effect on 25 May 2018, and organisations around the world including Asia that process the personally identifiable information (PII) of EU residents will be required to abide by a number of provisions or face fines of up to 4% of annual global turnover or €20 million – whichever is higher. Now, with "The GPDR and ISO 27001", GDPR encourages the adoption of certification schemes as a means of demonstrating compliance. Certification to ISO 27001 can help organisations achieve their compliance objectives, protect their data. Quickly Click here for the detail
 
More will be published on Our Service page
 
 
 
 
Reference
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The primary objectives of the GDPR are to give citizens back control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
 
 
Pseudonymization is a procedure by which the most identifying fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. There can be a single pseudonym for a collection of replaced fields or a pseudonym per replaced field. The purpose is to render the data record less identifying and therefore lower customer or patient objections to its use. Data in this form is suitable for extensive analytics and processing.
 
 
Encryption is the process of encoding a message or information in such a way that only authorized parties can access it. Encryption does not of itself prevent interference, but denies be interceptor. In an encryption scheme, the intended information or message, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted.
 
 
Personally identifiable information (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII.