What is GDPR?
The General Data Protection Regulation (‘GDPR’) is a new European privacy regulation which replaces the current EU Data Protection Directive. As its main goals, the GDPR seeks to strengthen the security and protection of personal data in the EU and to harmonise EU data protection law. The regulation comes in to effect the 25th of May, 2018.
To whom does it apply?
The regulation applies to any organisation which collects, stores or processes personal identifiable data of someone based in the EU.
It also applies to organisations based outside the EU if they collect or process the personal data of someone located in the EU.
What does this practically mean?
The new regulation establishes a series of core principles or rights for the person from whom the data has been collected.
Right of access:
This gives the person the right to get access to their personal data and information about how this personal data is being processed.
Right of erasure:
This gives the person the right to request the erasure of personal data related to them.
This gives the person the right to transfer personal data from one electronic processing system to and into another, without being prevented from doing so by the data controller.
Data protection by design and by default:
This requires that data protection be designed into the business processes for products and services.
Records of processing activities:
Records of the processing activites must be maintained and the records made available to the supervisory authorities.
How has qualycloud prepared for the GDPR?
qualycloud created qualytrust, a platform that establishes a New Digital Trusted Relationship between the customer, their service providers and their associated ecosystem, in compliance with GDPR.
qualytrust, encrypts and protects customer’s Private Data coming from multiple sources and allows them to securely share it with other stakeholders and Service Providers from their Privacy Dashboard.
qualytrust secures the customer’s journey giving them back control of their personal data.
Moreover, qualytrust offers the customer the possibility to actually monetise their data, but with their given consent.
qualytrust centralises, synchronises, secures and encrypts all exchanges to guarantee traceability in all transactions within the digital ecosystem. We handle all the workflows, contracts and partners on-boarding to create a trusted value chain. All ecosystem members will be able to better exchange with the Service Providers and with their subscribers in order to actively build new and enhanced services.
qualytrust gives the control to the user through a Privacy Dashboard. All information is securely stored within the Personal Smart Data Hub while our Smart Privacy engine defines the sharing rules according to the contracts established between the subscriber and their service providers.
Built on top of the Personal Smart Data Hub, the Smart Privacy technology is structured by the Contracts established between the Customer and their Service Provider. Data sharing rules and profiles are therefore clearly defined and state which data is shared with whom and for what purpose.
Smart Privacy keeps track of all data exchanges and interactions and provides detailed reports to the relevant stakeholders during the whole contract lifecycle.
Note: These features are already operational.
Third party resources: