What is the Right to Erasure (‘right to be forgotten’) of the EU GDPR?
The fast approaching General Data Protection Regulations (GDPR) of the European Union is the most comprehensive set of laws to hit the world of data technology.
GDPR is unique not only in the broad range of areas it regulates, but also in the high bar it sets for dealing with personal data.
Perhaps the most demanding requirement of GDPR in regards to personal information storage is the setting into law of the right to erasure, otherwise known as, the right to be forgotten. Article 17 of the Regulations lays out a list of reasons for which individuals can demand from a company to delete all their personal data contained on enterprise systems. These reasons include:
- The personal data have been unlawfully processed
- The reasons for the data’s collection is no longer relevant
- The information has to be erased to comply with another legal obligation of the subject
- An individual issues a claim objecting to the legal grounds for the data’s initial collection
The Need for System-Wide Control
What does this mean for organizations seeking to achieve compliance with GDPR?
Simply put, organizations will require the capability of identifying all data pertaining to European Union citizens contained in their systems.
The need for this requirement is further compounded when considering that most of the reasons requiring a company to erase data are dependent on the personal preference of the subject. Even an individual withdrawing consent for data containment can in many cases be grounds for invoking the right to be forgotten.
How can enterprises prepare themselves for abiding by these requirements laid out in the soon-to-be codified GDPR?
On Edge on Compliance
Organizations will require a solution that can accurately locate, categorize, and classify the wide array of company data types. In this way, businesses will be able to comply with client demands for the right to be forgotten when they arise.
GTB’s smart solutions, based on artificially intelligent algorithms, provide the strongest tools in data loss protection (DLP). They allow companies to stay in control of all their data, whether they be located on company systems or in the cloud, at rest or in motion, giving organizations the edge in achieving seamless compliance with the even the most demanding regulation.