Cloud & GDPR
Feb 19, 2020
What is GDPR?
The GDPR aims primarily to give individuals control over their personal data and to simplify the regulatory environment for international business.
Principles of GDPR
- Lawfulness, fairness, and transparency — personal data are processed in a lawful, fair and transparent manner in relation to data subjects. Transparency implies that any information and communication concerning the processing of personal data must be easily accessible and easy to understand.
- Purpose limitation — personal data are to be collected only for specified, explicit and legitimate purposes and it is not allowed to process them further in a way that is not compatible with those purposes.
- Data minimization — Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy — Personal data are accurate and are kept up to date where it is necessary.
- Storage limitation — Personal data must be kept in a form that makes it possible to identify data subjects for no longer than is necessary for the purposes of the processing.
- Integrity and confidentiality — appropriate security of personal data is ensured during processing. This should include protection against unauthorized or unlawful processing, destruction, and damage.
- Accountability - organizations are expected to live up to expectations, for instance in the delivery of their products and their behavior towards those they interact with.
Do all applications in the EU comply?
The rule is that you must. We know of famous corporations that adhere and others that do not. When they are caught, the EU fines them heavily.
The biggest ICO fines for data protection and GDPR breaches
- Equifax — fined £500,000 in September 2018.
- British Airways — proposed fine of £183m in July 2019.
- Marriott — proposed fine of £99m in July 2019.
- Dixons Carphone — fined £500,000 in January 2020.
- Facebook — fined £500,000 in October 2018.
- Bounty UK — fined £400,000 in April 2019.
- TalkTalk — fined £400,000 in October 2016.
How do cloud vendors help us with tools?
Most of the principles fall under the following major categories.
- Encrypt Data
- Monitoring & logging
- Access control
- Data Privacy
- Security by Design
- Certification and Programs
The respective tools from each cloud vendor that help enterprises comply are listed here.
Encrypt Data
Monitoring & logging
Access control
Data Privacy
Security by Design
Certifications
Happy protecting your customer data!