With the rapid rise of technology and the borderless nature of the modern digital economy, governments have had to adapt to provide better data protection and improve the fundamental rights of data subjects. On May 25, 2018, the world’s most sweeping data privacy regulation, the European Union’s General Data Protection Regulation (GDPR), will become law.
The GDPR gives EU residents the right to request from organizations whatever personal data is being stored about them and to withdraw consent of its use, thus effectively ordering its destruction. Per Article 12 of the GDPR, this request must be free of charge, easy to make, and must be fulfilled without “undue delay and at the latest within one month.”
The GDPR contains four key mandates:
- Accountability and Governance – Maintain relevant documentation on data processing activities and implement measures that demonstrate compliance, such as audits.
- Storage Limitation – Personal data may not be kept for longer than is necessary for the purposes for which it was originally obtained.
- Breach Notification – A notifiable breach must be reported to the relevant supervisory authority within 72 hours of the organization becoming aware of it.
- Individual Rights – An individual may request the deletion or removal of personal data when there is no compelling reason for its continued existence.
GDPR aims to encourage organizations to be more accountable, transparent and responsible for any personal data they hold. Any entity that stores or processes the personal data of EU residents will be obligated to conform to this new law, regardless of where that organization resides. Further, it empowers EU residents to control the data that an organization may hold on them.
Implications for File Management
GDPR demands improved data governance for files that contain personal information of a customer or employee. File shares may contain millions of files widely distributed across incompatible storage resources making it a challenge to comply with GDPR rules. A file management solution that can work across heterogeneous storage resources and provide the ability to analyze, move and manage files for GDPR compliance is a necessity.
- StorageX Dynamic File Management platform empowers you to analyze, move and manage and your files for GDPR compliance. StorageX is built using industry standards and operates seamlessly across heterogeneous storage resources, freeing your data from technology lock-in, complexity and risk.
- Using StorageX’s integrated analytics, you can quickly analyze files based on file name, type, size, location, creation, last access, attributes, SID and more. Files that contain personal data can be marked with custom tags so they can be easily managed in the future.
- When action is required (move, copy, delete), StorageX’s automated data movement policies facilitate the transfer of SMB/NFS source files to file resources more suitable for GDPR management. Move entire shares or exports to a new location with speed and reliability. StorageX reports record all file actions to document compliance for audits.
To learn how StorageX can help your organization manage its data for GDPR compliance, contact Data Dynamics Sales.