The EU General Data Protection Regulation

On the 25th of May 2018, the European Union General Data Protection Regulation (EU GDPR) comes into force. The aim of the GDPR is to protect the personal information of EU citizens and make it easier for organizations to understand and comply with data protection rules.

The legislation affects all organisations processing personal information or offering goods and services to people within the EU, even if your organization does not have a location in the EU. Cases of non-compliance will be treated with significant financial penalties; 20 million Euros or 4% of your worldwide annual revenue.

GDPR key points

Privacy: An individual’s personal information such as name, email address, financial or medical details, and even IP address, must be safeguarded in all products and services.

Data Custodianship: Personal information must be traceable through an organisation; How the information is collected, stored, processed and accessed must be known. Additionally personal data may be retained for only as long as an organisation absolutely needs it. Once that data is no longer needed, the regulation requires that the data should be destroyed or anonymized.

Consent: Organisations must gain consent to use and process an individual’s personal information. It must be clearly communicated to the individual what their information is going to be used for.

Right To Revoke: Individuals can revoke their consent for an organisation to use their personal information. They may also request for their personal information to be deleted.

Breach Notification Requirements: Along with the requirements around keeping users’ information safe, the GDPR also includes binding and rigorous data breach notification rules.

LINQ – GDPR the easy way

LINQ is an information flow modelling tool that can be applied to your GDPR challenge immediately.

null

Personal data

Easily trace the use of personal data within your organisation with upstream and downstream flow modelling.
null

Storage location

Discover where personal information is processed and stored, mapping which of your systems are subject to GDPR.
null

Collection, usage and disposal

Identify information collection (who or what collected it), usage (for what purpose) and disposal (what is its lifetime).
null

Trust boundaries

Record when and to whom personal information is transferred out of your organisation.
null

Risk management

Identify potential risk areas by visualising your organisation’s information flow.
null

Faster capture time

You don’t need specialist skills to start mapping information flow to understand how your business currently operates.

See LINQ in action

Capturing the relationships between actions, information, systems, and people, you will have access to insights about how personal information flows through your business.

LINQ does a lot more than support GDPR

To understand more about what LINQ can do for your business, read about our benefits.

Interested in LINQ?
Start a conversation with our team today.