Citrix has released a new whitepaper on the General Data Protection Regulation (GDPR), covering the requirements and best practices that organizations need to understand in order to comply with the regulation, which comes into effect on May 25th.
As noted in the whitepaper, the GDPR introduces many changes. Its seven data protection principles bring several challenges for organizations and put a strong focus on protecting data subjects' rights. Under the key principles of the GDPR, personal data must be:
- Processed lawfully, fairly and in a transparent manner
- Collected and processed only for “specified, explicit and legitimate purposes” and not for anything that might be inconsistent with the Data Subject’s Consent
- Limited to only what is necessary to accomplish the purpose (data minimization)
- Accurate and “where necessary, kept up to date” taking reasonable steps to ensure the accuracy to include quickly correcting or erasing as appropriate
- Kept in such a form that “permits identification of data subjects for no longer than is necessary for the purposes”
- Processed in a manner that “ensures appropriate security of the personal data”
With severe penalties for violating the GDPR, organizations have been scrambling to become compliant before the regulation comes into effect on May 25th.
The whitepaper from Citrix also covers best practices and practices to avoid, whether organizational or information-security oriented. The whitepaper concludes that while the GDPR might sound intimidating, it is a step in the right direction and could offer organizations a way to gain a competitive advantage as well as become more secure in general.
You can download the new Citrix whitepaper, titled “Taming the GDPR”, directly from Citrix’s website.