Now that we know that the GDPR is going to affect organizations across the globe, let’s look at what steps we can take to get ready for this new regulation.
Organizations can begin the process of GDPR compliance by designating a Data Protection Officer (DPO) to oversee their data processing operations. The next step is to map the data processing. This involves creating a precise inventory of the data they are processing, where it’s flowing and to whom. With this understanding, they can then organize their internal processes to ensure constant data protection by putting in place key internal procedures, including policies regarding security breach preparedness and vendor management.
In addition, data controllers are responsible for assessing the level of risk posed by their data processing operations against the fundamental rights and freedoms of individuals and then modulating their operations and data protecting methods accordingly. Anonymized and encrypted data is likely to reduce the level of risk.
Using encryption and automated privacy tools is a positive step. For example, video redaction that blurs out people’s faces unless there is a legitimate reason to reveal their identity can minimize the risks associated with having security cameras deployed in public spaces. Organizations should also look for certified and sanctioned organizations, such as the European Privacy Seal group ‘EuroPriSe'. This is a professional organization working to foster certified trust and reliability whose purpose is to ensure companies meet the ‘GDPR-ready’ privacy compliance standards.
At Genetec, we have been developing solutions that protect privacy by design for several years. With comprehensive permissions management that restricts the scope of individual and group access, our solutions allow users to control who sees what. Through the automated anonymization of video, our Privacy Protector™ module also automatically obscures individuals in live video streams so that security operators see only what they need to see.
Our solutions also ensure that the video and data viewed and exchanged within our systems are fully encrypted. In addition, our collaborative investigation management solution, Genetec Clearance™, makes it possible for you to gather and share reliable evidence in a way that protects everyone’s privacy. It includes built-in video redaction, which keeps the identity of victims, bystanders, witnesses, and police officers anonymous. Genetec Clearance, also allows organizations to provide individuals access to their personal data through a secure, web-based self-service portal. Data can then be erased at an individual’s request without undue delay.
To find out more about how Genetec can help get you ready for GDPR, visit our Trust Center.