Three Imperatives for Keeping IBM i Environments in Compliance with GDPR
3 Security Must-Haves for Maintaining GDPR Compliance in Your IBM i
The European Union’s General Data Protection Regulation (GDPR), which begins enforcement on May 25, 2018, is about giving individuals
control over their personally identifiable information that is stored, processed and shared by companies, as well as making companies
responsible to adequately protect personal data from theft and misuse.
But if you think that just because your company doesn’t have offices in the E.U. it doesn’t need to be concerned with GDPR, think again.
GDPR applies to every organization that stores, processes or otherwise uses data relating to E.U. citizens, and there are stiff penalties for
non-compliance that can be as high as 4 million Euros or 4% of revenue, whichever is higher.
GDPR: It’s About Respecting and Protecting Personal Data
There is no shortage of information available about GDPR with a multitude of websites and white papers detailing and interpreting the
specifics of the regulation. The essence of GDPR boils down to the following requirements for organizations regarding personal data:
- Keep or otherwise use an individual’s data only with the consent of the individual and within a specifically defined scope.
- Know where each individual’s data resides so that it can be identified upon request of the individual or an auditor. Companies must provide
an individual with their personal data upon request along with a description of how the data is being used. In addition, an individual
may make reasonable requests to have his/her data changed and, in certain cases, have the data deleted (the “right to be forgotten”).
- Protect the individual’s data from theft or unauthorized access.
- Promptly notify individuals, as well as the proper authorities, if an individual’s personal data is stolen.
Read this ebook to learn how technologies and services for managing security and compliance on the IBM i help your organization comply with even the most stringent requirements.
This eBook and all related materials are provided for informational purposes only, and are not intended to provide, and should not be relied on for, legal advice pertaining to the subject matter. If you have specific questions on how this may affect your organization you should consult your legal advisor.