Blog Post
BY Stephen Cavey | 16 November 2020
The EU mandated the General Data Protection Regulation (GDPR) in May 2018, with the goal of protecting all forms of personal data, which is defined as any information relating a person to an identifier. Since its inception, there’s been some confusion about what classifies as general and sensitive personal data, which may be a top contributing factor as to why only 20% of businesses believe they are GDPR compliant. Let’s break down what this really means, and how organizations can handle such data under the GDPR sensitive personal data requirements, without violating compliance.
The GDPR describes two types of data: personal data and sensitive personal data. Personal data is any information that is clearly identifiable and about a particular person. This can include names, identification numbers, location data, as well as other instances of structured and unstructured data.
Sensitive personal data is a mixture of private opinions and health information that falls into specialized, legally protected categories. Businesses must treat this data with the highest security. Here are some examples of sensitive personal data.
Once these different types of data are understood and classified, it’s time to address how to process sensitive information in a compliant manner under the GDPR. The processing of sensitive personal data is only legal if it satisfies at least one of the following conditions:
GDPR compliance is often labeled as difficult to achieve, with 36% of businesses claiming GDPR requirements are too complex to implement, especially when it comes to processing sensitive personal data. Just understanding how to process sensitive personal data under the legislation is enough to make one’s head spin. But the good news is that it doesn’t have to be so difficult.
With Enterprise Recon by Ground Labs, GDPR compliance is easily achievable, as the award-winning solution can identify, monitor and remediate over 300 different types of data, including sensitive personal data. Organizations can also create an inventory of sensitive data, upholding the GDPR requirement for ongoing data surveillance by monitoring it around the clock via the Enterprise Recon dashboard.
Don’t leave sensitive personal data up to chance — book a demo with us today to get started on a clear path to GDPR compliance.
Share this article!
Want to keep up with all our blog posts? Subscribe to our newsletter!
As companies all around the world continue have large portions of their workforce remote, the need to keep their data safe and protected is even more critical. To help companies navigate this new reality and mitigate security risks, we are providing a 90-day complimentary version of our flagship solution—Enterprise Recon. Learn more about it here.
Please submit the form below and we’ll contact you to schedule a discovery call. Want to skip the email? Go here to schedule a meeting directly on our calendar.