GDPR or General Data Protection Regulation has come into effect on May 25, 2018. It applies to all organizations inside the EU and any outside who handle and process data of EU residents. It is intended to strengthen data protection and give people greater control over how their personal information is used, stored and shared by organizations who have access to it, from employers to companies whose products and services they buy or use. GDPR also requires organizations to have in place technical and organizational security controls designed to prevent data loss, information leaks, or other unauthorized use of data. In recent years, the level of personal information in circulation has grown dramatically, which has also increased the risk of it being misused. GDPR is intended to bring fresh rigor to the way organizations protect the data of EU citizens while giving citizens greater control over how companies use their data. This sketchnote outlines five simple steps that can help organizations follow the path of continuous compliance.
This Sketchnote is based on insights by Alessandro Vallega, first published on Oracle.com