GDPR & Mobile Security

tags: Knowledge Meetings

GDPR & Mobile Security

As of 25 May 2018 the same privacy legislation applies throughout the European Union (EU); GDPR (General Data Protection Regulation)This new legislation causes some huge challenges for organizations; data leaks must be well documented; processing personal data must be properly secured; processor agreements with suppliers have to be concluded and from now on software must take into account privacy conditions.

Marcel Verbruggen from Vanderlande shared with us how far they are with their compliancy to GDPR and how they manage this in their international context with worldwide branches. They have made an inventory of all processes handling Personal Data and determining ‘Personal Data”. Per process a complete description, purpose and legitimacy, process owner, storage terms and types of data subjects have been captured.

Data transfer within the group, inside and outside the EU has been arranged for with a Intra Group Data Transfer Agreement, which has decomplicated the internal data usage. This to overcome the fact that every entity needs to sign bilateral Standard Contract Clauses (Verwerkingovereenkomst) to be compliant. 

Our Host Rene Milder from Jumbo shared more on Mobile Security. Moving more to a BYOD company with the challenges of a omni channel retailer with a lot of personal data. The importance of end devices to be encrypted, locked screens, changing frequently passwords and so on. And the most important issue is end user awareness of IT Security. 

An afternoon with a lot of interaction and sharing. The next IT Security Peer Group will meet in June, to discuss the possibility of CERT collaboration. Alongside there are talks with the Eindhoven Cyber Security Group (ECSG) to discuss collaboration.

Join the EIC or subscribe to the newsletter?
Join us!