RSA at a RSA Charge 2017 conference today announced that it has combined several products from the RSA Archer Suite with RSA services to specifically address data governance and privacy issues that arise from new regulation such as the General Data Protection Regulation (GDPR) crafted by the European Union (EU).
David Walter, vice president for RSA Archer at RSA, a unit of Dell Technologies, says interest in how to comply with GDPR is rising as the May 25th, 2018 deadline for compliance approaches.
“Organizations still need to do a lot of work,” says Walter. “Many of them don’t realize just how much personally identifiable information they have.”
Given the amount of penalties that can be incurred, Walter says, organizations have been asking RSA to develop a more prescriptive approach to helping them achieve and maintain GDPR compliance. That process starts with a risk assessment and then capturing data assets affected by GDPR. After that, organizations need to put the processes in place that make sure all data relating to any individual can be permanently deleted, says Walter.
Most organizations today don’t have a structured method in place for how they manage data. Individual departments tend to make use of data with little or no supervision. GDPR requires organizations to put a more structured process in place or face fines that can go as high as 4 percent of the worldwide revenues.
Obviously, not every company is affected by rules being enforced by EU. But around the world, stricter regulations are starting to be implemented. All it takes is for one transaction to be conducted involving a citizen from one of the countries for organizations of any size to run afoul of those regulations. As such, it’s now only a matter of time before most organizations will need to fundamentally change the way they manage their data.
