Category: GDPR

Delve into GDPR compliance essentials—from lawful processing and data subject rights to cross-border transfers and regulatory updates. Stay informed with practical guides and expert insights to enhance your EU-focused data privacy strategy.

  • How Are E-Commerce Websites Affected By GDPR Regulations?

    E-Commerce websites are constantly under scrutiny for a myriad of reasons. Whether it be from consumers or regulatory committees, these websites need to play defense 24/7 to ensure their networks remain compromise-free from the threat of hackers. This is one of the main reasons why the General Data Protection Regulation (GDPR) was adopted in Europe in 2006.

    Although GDPR may be somewhat of a regulatory headache for e-commerce websites, it is also important for keeping consumer data secure. With an estimated average of 4,800 e-commerce websites every month becoming compromised by hackers inserting malicious code into their website to steal payment information such as credit card numbers, names, and more – there is no denying that a strong defense is the perfect solution.  

    This is why having a GDPR compliance checklist for e-commerce companies is incredibly advantageous in helping overcome these malicious network intruders. Let’s walk you through our GDPR e-commerce checklist that helps online retailers understand the importance of GDPR and what rules and regulations they should familiarize themselves and their IT teams with.

  • How to Make Your Website GDPR Compliant: A Step By Step Guide

    A website is like the cover of a book. The first thing a customer searches for is a company homepage and, like a book, if it is eye-catching, it warrants further investigation. For this reason, many companies invest heavily in website development, seeking to make their site clean, easily navigable, and, above all, able to capture and retain the attention of potential customers.

     However, in the process of developing a stellar website, security can sometimes be overlooked, particularly when it comes to complying with new privacy, consent, and transparency standards. 

    Is your website compliant with General Data Protection Regulation Standards? Find out now with our GDPR website checklist.

  • Why BYOD is Bad For GDPR Compliance

    More organizations than ever are looking for ways to cut overhead costs. Some are giving their employees the option to work remotely. Others are allowing them to do their work on their personal devices (e.g. laptop, cell phone, etc.) in place of a company-owned device.

    Although adopting a Bring Your Own Device (BYOD) policy might allow your company to scale and pivot as you grow, it also comes with tremendous risk from the security front. As more global organizations choose to adopt BYOD policies, they invariably come into contact with the General Data Protection Regulation (GDPR), which ensures the protection of user data that flows through a company’s network.

    As such, it would be best to consider developing an ironclad, yet flexible BYOD strategy to ensure your organization doesn’t get hurt by potential GDPR compliance mishaps. Let’s run through the potential issues with BYOD and GDPR and point you in the right direction towards keeping your network data safe while decreasing your risk of incurring hefty GDPR compliance fines.

  • CCPA vs. GDPR: What’s The Difference?

    Consumer data privacy has become a hot topic these days, with various laws enacted to promote and strengthen the privacy rights of consumers. There is a global trend of forcing companies to be more accountable and responsible when it comes to protecting consumer data.

    Consider the General Data Protection Regulation (GDPR), which was designed to protect the personal data of citizens of the European Union (EU). It was passed into law in 2016 and took effect two years later.

    A couple of months after the GDPR took effect, then California Governor Jerry Brown signed into law the California Consumer Privacy Act (CCPA), which will be implemented in 2020. The CCPA is widely considered one of the toughest consumer privacy laws in the United States.

    Because of the nature of these two laws, a comparison between the GDPR and CCPA is unavoidable. This article will briefly discuss the two data privacy acts and enumerate the differences between GDPR and CCPA.

  • Do I Need To Appoint A Data Protection Officer?

    Breaches in the confidentiality of personal information gathered in the regular course of commercial or business activities have been in the news for many years with little to no compliance action until recently.  

    The General Data Protection Regulation (GDPR), implemented on May 4th, 2016, was put into motion on May 25th, 2018 and has since been an integral part of keeping personal and sensitive data safe from those who wish to use it maliciously.

    GDPR has evolved through the first full year of application, making it much more difficult for many companies to stay compliant and stave off colossal fines within GDPR regulations (Google included).  

    Many American-based companies feel that since the original terms of GDPR were drawn up for the European data market, they do not apply to their company. Unfortunately, many organizations’ digital operations exist in a globally manufactured web of platforms that fall under the jurisdiction of this data protection regulation, GDPR.

    A plethora of global companies are searching high and low for sustainable solutions, only to realize that the key to data protection compliance has been baked into GDPR all along. That solution lies with a company’s Data Protection Officer (DPO). This article will serve as a high-level overview of a DPO’s role as it pertains to GDPR data protection officer requirements and responsibilities, how to hire a good DPO, and which organizations and legal entities are required to appoint a DPO.

  • Are you ready for GDPR enforcement?

    The European Union’s new data protection law, the General Data Protection Regulation (GDPR), went into effect on May 25th, 2018. The GDPR is a broad and substantial regulatory change meant to create uniform standards by which users’ personally identifiable information (PII) is stored, transmitted, and protected against theft. Many companies may be bound by the GDPR and not realize it. As such, they are at risk of being found non-compliant with the GDPR, which can incur significant fines. In this article, we’ll outline who is covered by the GDPR and explore the penalties that businesses can incur by being found non-compliant. The GDPR sets a high bar for compliance, and may require businesses to significantly change what types of data they store and how that data is stored. As such, a GDPR risk assessment or GDPR readiness assessment conducted by a qualified security assessor is essential to identifying areas of non-compliance and creating a comprehensive GDPR-compliant data management system going forward.

  • What are GDPR Recitals?

    The General Data Protection Regulation (GDPR) was recently adopted in the European Union but has far-reaching consequences for businesses operating around the world. The GDPR was crafted and adopted with the intention of creating a durable body of regulations that govern what personal data can be collected from individuals in the EU and how that data is processed, transmitted, and stored. The rollout of the GDPR has confused many businesses that are based outside of the European Union, who may not realize that they fall under the jurisdictional scope of the GDPR. Also confusing is the structure of the regulation, which has been crafted to adhere to standards consistent with the Court of Justice of the European Union. In this article, we’ll work to bring some clarity to the discussion regarding the GDPR. In particular, we’ll outline the basics of what the GDPR is, who is covered by it, and whether your company should consider outsourcing your efforts to achieve GDPR compliance.

  • How to simplify GDPR with this need-to-know checklist

    One of the biggest hot-button topics for consumers, businesses, and governments worldwide is data privacy and security. And the discussion has gotten that much more heated as high-profile cases continue to hit the news. But things are set to get a lot more interesting with the introduction of the European Union’s new General Data Protection Regulation (GDPR), which has just recently taken effect.

  • GDPR Compliance – An essential guide to personal data security

    In this age of digital transformation, the upcoming EU General Data Protection Regulation (GDPR) sets a new bar for privacy rights, security, and compliance.
