Challenges of the European Union General Data Protection Regulation
The EU General Data Protection Regulation (GDPR) is a data protection act that is posing considerable challenges for organizations in Europe and around the world. Under the General Data Protection Regulation, organizations must get consent from EU residents to store or process their personal data. Organizations are also obligated to respond quickly when residents have inquiries about their data or when they withdraw consent and request that their data be erased. Failure to comply with the General Data Protection Regulation may cost organizations more than â‚¬20 million or 4% of total yearly worldwide revenue, whichever is greater.
While the EU has given organizations until May 2018 to implement GDPR requirements, the impact of this data protection law is enormous and will likely transform the way companies handles personal data.
How the General Data Protection Regulation affects email
The General Data Protection Regulation will present a particular challenge for email retention. Because email frequently contains personal information and data that is often used for marketing and other purposes, GDPR compliance will require organizations to explicitly require users to opt in, rather than opting out, when email data is collected. The General Data Protection Regulation also requires organizations to pay rigorous attention to how backup and archived copies of email are managed. Organizations must be able to delete email from any individual at any time.
Simplify General Data Protection Regulation compliance with Mimecast
Mimecast provides a number of tools to help organizations address compliance with the General Data Protection Regulation.
Mimecast Enterprise Information Archiving provides a multipurpose archive for email and other files that provide administrators with fine-grained control to quickly respond to opt-out requests in compliance with the EU's data protection regulation. With Mimecast, administrators can use fast e-discovery, smart tagging and archiving supervisory tools to easily isolate and delete emails from the archive when individuals withdraw their consent.
Mimecast Targeted Threat Protection and other security services provide state-of-the-art defenses to protect email and critical infrastructure from a wide variety of threats, including impersonation attacks, malicious URLs and weaponized attachments. Mimecast security services also provide comprehensive defense of the personal data contained in user emails.
Mimecast makes GDPR compliance simpler by allowing administrators to manage archiving, security and continuity services from a single, intuitive console. And administrators can easily access archiving logs to assist audit compliance with policy and monitor all internal access.
Learn more about Mimecast's solution for compliance with the General Data Protection Regulation.