GDPR: General Data Protection Regulation
Providing visibility and flexibility into the management of personal customer data for GDPR compliance
Identify, Track, and Secure
The European Commission defines personal data as “any information relating to an individual, whether it relates to private, professional or public life.” It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address. We can help you identify which data needs to be secured and then help you secure it.
Regardless of where personal data resides, CampusGuard can assist your organization in implementing an information security program that will give you visibility into customer personal data in order to comply with GDPR.
Key Concerns with GDPR
10 Key Requirements
The GDPR has stringent rules across 10 Key Requirements:
Lawful, Fair, and Transparent Processing: Organizations must have documented rationale for processing personal data and must communicate policies transparently with a privacy notice.
Data Subject Rights: These rights communicate the relationship of an individual with an organization in terms of personal data.
Consent: Individual consent must be granted in certain cases of collecting and using personal information.
Awareness and Training: Up-to-date training is required for anyone who handles personal data.
Personal Data Breaches: A personal data breach is defined as any event leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Privacy by Design: Organizations must acknowledge privacy concerns before processing personal data.
Limitation of Purpose, Data, and Storage: Organizations must have an established purpose for collecting personal data; once that purpose is no longer met, the information should be deleted.
Data Protection Impact Assessment: These must be used whenever data processing "is likely to result in a high risk to the rights and freedoms of natural persons."
Data Transfers: Additional safeguards need to be applied when personal data is being moved to a country outside of the EU.
Data Protection Officer: An independent expert whose role is to advise on GDPR compliance.
Why Choose CampusGuard?
At CampusGuard, we specialize in the complexities and diverse environments of campus-based organizations. Our dedicated team prides itself on our expert accreditation, staying updated on the latest trends, and working alongside our clients with a personal approach.
Number of companies who spent over $500k to become GDPR compliant.
€ 359 M
Amount reported by EU data protection agencies in major GDPR penalties and fines.
$ 7.8 B
Amount US companies have spent on GDPR compliance.
Stay Current, Stay Protected
The language, parameters, and requirements of GDPR can be confusing and overwhelming. Our team of experts is ready to help you sort out your needs and get you on the road to compliance.
Top GDPR Frequently Asked Questions
The General Data Protection Regulation (GDPR) is a privacy regulation that went into effect in May 2018 in the European Union (EU). It is designed to protect the personal data and privacy of EU citizens and harmonize data protection laws across all EU member states.
The GDPR defines personal data as any information that relates to an identified or identifiable natural person, such as a name, address, email address, ID number, or IP address.
Under the GDPR, organizations must obtain consent from individuals before collecting their personal data, and they must provide individuals with access to their data, the right to have it deleted, and the right to object to its processing.
The GDPR also requires organizations to implement appropriate technical and organizational measures to ensure the security of personal data, and to report data breaches to supervisory authorities and affected individuals within 72 hours.
The GDPR applies to any organization, regardless of its location, that processes personal data of EU residents in the context of selling goods or services, monitoring their behavior, or processing their personal data. This includes organizations located outside the EU that offer goods or services to EU residents or monitor their behavior within the EU.
Countries in the EU include Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.
Violations of the GDPR can result in significant fines, up to 4% of an organization's global revenue or €20 million, whichever is greater, as well as reputational damage and loss of customer trust.
GDPR: Updating Your Privacy Notice
The organizational privacy notice is one of the documents that must be updated to better align with the new European General Data Protection Regulation.