GDPR (General Data Protection Regulation) is a dramatic new set of rules defining how personally identifiable Information, or PII must be managed. The new regulation becomes enforceable May 25th of 2018, and effects all companies in the EU, doing business in the EU, or has EU-based customers.
While the GDPR includes a comprehensive set of mandates addressing the processing and management of PII, contract data plays a very important role in compliance. For an effective compliance initiative, organizations must:
- Ensure contracts include a clear definition of data breach and specific obligations which are understood and comply with new GDPR requirements.
- Know the location of all PII (passport data, credit card and banking information, healthcare information, etc.,) that may exist as “dark data” across the organization.
- Confirm contractual agreements with processors of PII, or other vendors that come into contact with PII, have appropriate language defining the nature and scope of their access to PII.
Seal can discover contracts across the network, extract that data, and help organizations comply with GDPR. It helps them determine if they have clear definitions and obligations associated with PII, can analyze contract data to determine if they have PII hidden in “dark data,” and ensure contracts with intermediaries have clear language on the access and processing of PII.
The fines for non-compliance of GDPR are significant, and Seal helps organizations ensure their contracts, and the data they hold, meet the new regulations. Seal provides the foundation for a strong and effective GDPR compliance initiative.