Learn what's new and how it impacts your business.
Due to the complexity of GDPR, it was widely anticipated that certain fundamental aspects of the regulation would be prioritized over others for auditing and enforcement after it came into effect in May 2018.
For example, Data Breach Notification compliance and facilitation of Data Subject Access Requests (DSARs) have been an initial focus.
However, more recently the UK Information Commissioner’s Officer (The ICO) and other EU Data Protection Authorities have started addressing the more material GDPR requirements and asking the question in their audits, "What did you do to transform the legal basis for processing pre-GDPR data so it is legal to continue to possess?”
This question arises from GDPR Recital 171, relating to consent, which has not previously been emphasized, but states that all personal data collected using approaches that were legal at the time of collection -- but fail to comply with the newly-heightened GDPR requirements -- are now illegal to possess.
A CEO of a Top 10 Global IT company recently stated that "90% of data is illegal under the GDPR" due to improper or noncompliant consent.
Companies are also realizing that consent *does not* work for Analytics, AI processing or Machine Learning because these uses cannot be explained to Data Subjects with the specificity required under the GDPR for consent to be lawful.
Tragically, companies are responding to this requirement in one of two ways - those that do nothing, which exposes them to enforcement action and those that have gone so far as to delete highly valuable data to avoid potential liability.
At Anonos, we have a unique, revolutionary, and GDPR-certified pseudonymisation solution that enables organizations to take action to legally possess personal data collected pre-GDPR in compliance with Recital 171.
Introducing SaveYourData from Anonos.
This one of a kind, GDPR-certified technology solution enables you to complete the first step in transforming data to support Legitimate Interest processing to enable lawful secondary processing like Analytics, AI and ML.
To start a conversation about how you can quickly and easily fix this problem and save your historical data by making it legal to possess, contact us directly.
To download the following 2 page itemized check list to evaluate your right to possess legacy GDPR data click here:
