Software AG announced its GDPR Framework for addressing the challenge facing enterprises to meet the impending General Data Protection Regulation (GDPR). In one year, starting on May 25, 2018, this European Union (EU) GDPR regulation mandates that all companies and institutions are legally bound to rules aimed at protecting personal data and for upholding the data privacy rights of individuals residing in the EU.
By using Software AG’s GDPR framework, organizations are equipped with the capabilities needed to fulfill the obligations imposed on them as processors of personal data. This includes the means to create a detailed record of processing activities, providing transparency into data, processes and applications in the context of GDPR.
Software AG’s GDPR framework enables firms to establish a governance, risk and compliance (GRC) framework to internally communicate guidelines and procedures for GDPR compliance, as well as monitor adherence to these, and to continue on a program of digital business and IT transformation while complying with GDPR.
GDPR, which impacts all organizations processing data from EU residents, mandates stronger rights for data subjects, more stringent obligations for data processors, significantly higher fines for infringement, and certifications as proof of compliance. The regulation replaces and unifies previous personal data protection laws in the EU member states, providing a standardized regulatory environment that is more favorable for international business.
For large, EU-based and multi-national enterprises in any industry, GDPR carries huge consequences. Yet Gartner* states: “By the end of 2018, over 50% of companies affected by the GDPR will not be in full compliance with its requirements.”
The immense data stores, networked systems, business ecosystems and technologies that enable companies to serve their markets and customers, hold a vast amount of information that needs to be reined in. Few companies have the required oversight across their distributed data and processing activities and the insight into precisely what kind of data they house to be able to comply with GDPR rules.