Nearly everyone at this stage is aware of the obligations placed on companies by GDPR (if you are not we can advise). What companies are finding challenging is defining how to address these obligations in a practical and cost effective way. Complex technical environments only increase the challenge. TEKenable is registered with the Data Protection Commissioner and used to handling complex and sensitive data through a multiplicity of IT platforms, we can help you with practical advice.
- Legal — Contractual frameworks
- Discover — What personal data exists, classification?
- Manage — How will you respond to access and erasure requests, new data etc?
- Protect — Security Controls
- Report — Identifying the scope of a breach/loss and reporting same.
We give some more details on each of these areas below
We are technologists with a 16 year company history. We bring tools, partners and knowledge that drive IT compliance. We can provide you with compliance in the following areas.
Our partners are expert IP solicitors and bring extensive legal and process expertise to ensure you are covered.
Using our tools we Automate Discovery of PI data wherever it may be kept — File Shares, PCs, Laptops, SharePoint, O365, BitLocker, SQL Databases, Cloud, etc. Our GDPR consulting team will then work with you to classify the data by sensitivity and create a data catalogue.
We can document your data usage with data flow and process mapping validating its usage against consents and allowing the identification of so called “dark data” (data that is held but not used) and is therefore an unnecessary risk and should be deleted. We can provide tools that will monitor PI data content on an ongoing basis to support access and right to be forgotten requests and prove compliance if challenged.
We can review and implement application security, O365 security, Data Loss Prevention, file system and database encryption to protect valuable data and make recommendations on processes to limit access and exposure from a process perspective.
In the event of a breach we have tools that enable you to determine what data was exposed or lost and to profile user activity to be proactive in preventing loss (Personal Information in files copied to Dropbox for example). Our legal partner can help you with representation and reporting if you require it post breach.