Alpin.io

SaaS Management and Optimization Platform

Request Demo

2018 01 16 Top10GDPRFrameBlogImage

The EU’s General Data Protection Regulation (GDPR) has been called the largest change to data protections in a generation. It is causing major disruption to how companies manage customer data in — and outside of — the EU. Not only is the new legislation incredibly far reaching, it is also lengthy and complex.

We’ve curated the top 10 GDPR frameworks to organize your efforts to comply with GDPR requirements.Your first question – does this apply to me?

If you are keeping personal data on European citizens (including emails), you are subject to these regulations. If you fail to comply by May 25, 2018, the penalties are up to €20m (or more for companies over €500m total revenue).

Do we have your attention? Good! Now, how do you begin familiarizing yourself with the regulations of the GDPR? Though there are many resources available, finding the right GDPR framework can be a challenge. In fact, a simple framework can be the most difficult to develop.In last week’s post, we curated the Top 10 GDPR Guides. Here we take a different angle, compiling the top 10 GDPR frameworks to help guide your GDPR compliance efforts. Each provides a unique perspective on how to approach the GDPR. Perhaps a single framework will speak to you, or you will find that together, they provide an overarching perspective on how to navigate your path to GDPR compliance.

Framework #1: Four Key Ingredients of GDPR

This webinar, from security vendor RSA, contains a GDPR framework covering the four main elements of GDPR. Delve into each area (breach response, data governance, risk assessment and compliance management) to better understand the main components of GDPR compliance.

framework1 RSA2

Framework #2 – GDPR Compliance Roadmap

Mailjet, a SaaS company providing an all-in-one email platform, has documented their roadmap to GDPR compliance. The spreadsheet below is a GDPR framework that shows a clear, replicable process tied to specific GDPR articles.

framework2 Medium 1

Framework #3 – 5 Phases to GDPR Readiness

IBM’s GDPR framework provides a general overview through 5 phases for GDPR compliance: assess, design, transform, operate and conform. The larger table below shows how these phases transfer into specific privacy and security activities.

framework3 IBM3

Screen Shot 2018 01 11 at 1.46.55 PM

Framework #4 – GDPR Timeline

This presentation from IT consulting firm Cognizant provides a GDPR framework with a clear definition of several key areas, including personal data and a typical GDPR compliance timeline. An additional visual (slide 20) is a second GDPR framework that breaks down areas critical to GDPR compliance: technology, data, process and people.

framework4 Cognizant

Framework #5 – How to Assemble the GDPR Road Map

This GDPR framework from consulting firm Copenhagen Compliance clearly delineates the roles of the controller, processor and data subject.

framework5 Copenhagen

Framework #6 – GDPR Priority Areas

Resource Insights, creators of HR and recruiting dashboards, assembles the key facts and priority areas of the GDPR into a very simple GDPR framework. They define 8 core areas of focus that should be addressed in order to achieve GDPR compliance.

framework6 Resource

Framework #7 – Preparing for the GDPR in 12 Steps

This 12-step GDPR framework from the UK’s Information Commissioner’s Office provides an easy way to get started with GDPR compliance. It includes links to relevant sections of the GDPR itself, and other ICO guidance produced by the EU’s Article 29 Working Party.

framework7 ICO

Framework #8 – Gap Analysis

This GDPR framework from Data Management Review provides a no-nonsense summary of how to get started with GDPR compliance. A gap analysis shows potential roles and activities you may identity in your path towards GDPR compliance.

framework8 DMR2

Framework #9 – Six Step Methodology

According to the French CNIL (National Commission of Computing and Freedoms), “the new ‘accountability’ logic under the GDPR must be translated into a change of organisational culture and should put in motion internal and external competences”. Their GDPR framework proposes six steps for GDPR readiness.

framework9 CNIL

Framework #10 – GDPR Compliance Guide

This GDPR framework, from digital business and transformation news aggregator and consultancy i-Scoop, provides an overview of key terms. Find a wealth of resources regarding the General Data Protection Regulation, its impact and the steps to take in order to attain and demonstrate GDPR compliance.

framework10 iscoop

Alpin is SaaS management, empowering organizations to monitor and control their SaaS ecosystems via a single dashboard. Illuminate your cloud application environment, including Shadow IT. Cut costs up to 30% and manage license renewals and compliance. Monitor activity. Improve security via app de-provisioning and blacklisting.Because Alpin tracks all your SaaS vendors, it’s a natural fit with your GDPR compliance efforts.

For more information on GDPR preparedness, see our other GDPR posts:

Major GDPR Fine Tracker

Automating GDPR Vendor Assessments

Top 10 GDPR Guides

Are your SaaS vendors GDPR compliant? Get the help you need to find out

Swisscom Partner Breach – How To Get Supplier GDPR Compliance

Stay in touch by subscribing to our weekly roundup – which includes news, useful tips about SaaS apps, and our latest blog posts.

We’ll use this information to contact you. Unsubscribe or change your mind anytime. We don’t share or sell your info. More details in our privacy policy.

Reader Interactions