How secure is data in your business? In order to carry out a risk assessment in compliance with GDPR, you must first know how secure data is in your business.
HR-ON has created a tool for GDPR to support risk assessment.
The tool is based on the algorithm and recommendations in ENISA’s publication: Recommendations for a methodology of the assessment of severity of personal data breaches.
Data Processing Context
Data Processing Context explains the basis for calculating the severity of the data breach. DPC evaluates how critical processed data is and in what context data is handled.
Ease of Identification
EI (Ease of Identification) corrects DPC according to how difficult it is to identify individuals based on the leaked data. The harder it is to identify individuals, the lower the same overall SE index (SE – Severity) will be.
Circumstances of the Breach
CB (Circumstances of the Breach) identifies different circumstances that may be present in connection with leaked data. Therefore CB always increases SE index if one of these is present.
GDPR related news
The corona crisis is upon us and for many companies it is a challenging time. Therefore, HR-ON and a number of our partners have joined forces to help with HR…
Almost 100 users of HR-ON showed up to hear about the new EU Personal Data Regulations (GDPR). With the EU’s new Personal Data Regulations (GDPR) coming into force, Danish companies…
We don’t take enough care when creating new passwords. This is the announcement from the Center of Cyber Security, who recently published a new password-guide for IT users. In the…
The EU’s new Personal Data Regulation with a wide range of consumer rights is being rolled out in a few months, but only one in three consumers is aware. Even…
When the new GDPR rules come into effect, businesses could be hit by thousands of inquiries from customers about their data. Next week, the EU’s Personal Data Regulation (GDPR) will…
Breach level index calculator is a tool, developed according to American conditions, which are more advanced than the European ones. The calculator can be used with advantage for your company and gives you another perspective that can be included in the company’s risk assessment.
Here you will find a number of tools that can be used in your work with the General Data Protection Regulation and Risk Assessment.
The personal data test was developed by an attorney. We have chosen to highlight it, as it actually gives a good overview of the process and the subjects to be aware of in the process.
Here you can find a checklist to help organizations be GDPR-complaint
From CIS Security, you can download a 20-controller schedule that can be implemented into your IT organization. Even if you only implement the first five, you will have statistically increased your company’s security by 75-80%
Here you can read more about the European Data Protection Supervisor and the latest news on GDPR
What does GDPR mean?
GDPR stands for the General Data Protection Regulation.
When did the EU Personal Data Regulation come into force?
The EU Personal Data Regulation, also called GDPR, came into force on 25th May 2018.
What is Sensitive Personal Information?
1. Race or ethnic origin
2. Political, religious or philosophical beliefs
3. Trade union affiliation
4. Genetic or biometric data
5. Health information
6. Sexual orientation
What is the largest possible GDPR fine?
The largest possible GDPR fine is either 4% of the company's turnover or 205 million euros, whichever is greater.
Do all companies need to be GDPR compliant?
Yes. As of 25th May 2018, all companies must be GDPR compliant.
