GDPR (EU): why it's failing, and solutions to revitalize the effort. Companies need to continue business operations while co-existing with data regulations, and realize that cyber security is just an annoying delay to hackers, not a prevention.
Practical ideas to promote useful compliance.
- Information past a certain age must be Encrypted, perhaps 80% of total data. This represents data not frequently needed for business transactions & includes documents.
- Big Data, Warehousing & Data Scientists that need access will call Secure APIs to decrypt data, do their jobs & re-encrypt with APIs.
- Give companies a specified time period before enforcement
- Encrypt data needed for day-to-day operations, but that will take an additional 1-2 years (6 months with an application).
- Use DPIAs to identify & encrypt the current Personal Information after Step 1
- Use Secure Spring APIs to encrypt & decrypt data as requests are received from customers in the store, on the phone or online.
- Encrypt customer identifiers
- Match to Compliant Operational Databases
- Decrypt data retrieved
- Use with Production Processes
- Re-encrypt data
- Right of Erasure & Information are not Production issues.
- 6-12 months Needed
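
The request flow in the list above (encrypt the customer identifier, match, decrypt, use, re-encrypt), as an added Java example that is not code from the original page. It assumes a keyed HMAC-SHA256 token as the "encrypted" identifier so it can be matched deterministically, AES-256-GCM for the record, and an in-memory map standing in for the operational database; the class name, keys and customer record are constructed for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class EncryptedLookupDemo {
    // Assumption: identifiers are matched via a keyed, deterministic HMAC token, never in clear.
    static String token(SecretKey indexKey, String customerId) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(indexKey);
        return Base64.getEncoder().encodeToString(mac.doFinal(customerId.getBytes(StandardCharsets.UTF_8)));
    }

    // AES-256-GCM with a fresh 12-byte IV per call; output layout is IV || ciphertext+tag.
    static byte[] encrypt(SecretKey key, String token, String plain) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        c.updateAAD(token.getBytes(StandardCharsets.UTF_8)); // binds the record to its lookup token
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
    }

    // Fails with AEADBadTagException if the blob was altered or moved to another token's row.
    static String decrypt(SecretKey key, String token, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, blob, 0, 12));
        c.updateAAD(token.getBytes(StandardCharsets.UTF_8));
        return new String(c.doFinal(blob, 12, blob.length - 12), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator aes = KeyGenerator.getInstance("AES");
        aes.init(256);
        SecretKey dataKey = aes.generateKey();
        SecretKey indexKey = KeyGenerator.getInstance("HmacSHA256").generateKey();
        Map<String, byte[]> db = new HashMap<>(); // stand-in for the operational database
        String seed = token(indexKey, "CUST-0001"); // constructed sample customer
        db.put(seed, encrypt(dataKey, seed, "name=Jane Example;tier=gold"));

        String t = token(indexKey, "CUST-0001");                       // encrypt customer identifier
        byte[] stored = db.get(t);                                     // match to the database
        String record = decrypt(dataKey, t, stored);                   // decrypt data retrieved
        String updated = record.replace("tier=gold", "tier=platinum"); // use with production process
        db.put(t, encrypt(dataKey, t, updated));                       // re-encrypt under a new IV
        System.out.println(decrypt(dataKey, t, db.get(t)));
    }
}
```

In a deployment the two keys would come from a key management service rather than being generated in process, and plaintext would exist only for the lifetime of the request.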