Data Protection and the Cloud – Are you really managing the risks?

SKU: 4982

Authors: Paul Ticher
Publishers: IT Governance Publishing

Format: PDF
ISBN13: 9781787780293
Published: 06 Nov 2018
Availability: Available

Gain an understanding of how you can effectively manage the risks associated with using the Cloud and meet your data protection obligations with this essential pocket guide.

It explains:

The controller-processor relationship;
How to mitigate security risks in the Cloud;
How to comply with the EU GDPR (General Data Protection Regulation), particularly when transferring data to third countries; and
The implications of the NIS Directive (Directive on security of network and information systems) for Cloud providers.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on 00 800 48 484 484.

Options:

PDF

ePub

Kindle

Price: 12,95 €

Description

Applying the GDPR to the Cloud

The GDPR was enforced on 25 May 2018, superseding the 1995 Data Protection Directive and all its local implementations. The Regulation brings a 21st-century approach to data protection, introducing new, stricter requirements for organisations and expanding the rights of data subjects.

An expert introduction

More than 81% of organisations have now adopted the Cloud in some form compared to only 24% in 2014, according to the 2018 Bitglass Cloud Adoption Report, and it’s showing no signs of slowing. However, moving data to the Cloud does not solve security problems – it adds another element that needs addressing.

The pocket guide discusses the GDPR requirements relating to Cloud sourcing and the risks attached. With a view to helping managers ask the right questions, this book aims to help you learn how to meet your data protection obligations when using Cloud services.

Your essential guide to understanding the risks associated with the Cloud

This guide explains:

How to mitigate security risks in the Cloud to comply with Article 32 of the GDPR;

How to comply with Chapter V of the GDPR when transferring data to third countries;

The controller-processor relationship; and

The implications of the NIS Directive for Cloud providers.

Supplemental material

While most of the EU GDPR’s requirements are broadly unchanged in the UK GDPR, the context is quite different and will have knock-on effects. You may need to update contracts regarding EU–UK data transfers, incorporate standard contractual clauses into existing agreements, and update your policies, processes and procedural documentation as a result of these changes.

A supplement that sets out specific extra or amended information is now available for this pocket guide, which focuses on identifying the key changes and context relating to the UK GDPR. As such, the information contained within the supplement is primarily of interest to organisations in the UK, organisations that process the personal data of UK residents, and organisations that process personal data on behalf of organisations in the UK. 

Please visit the publisher’s website to access the supplements

About the author

With a background in IT focused on CRM and other information management applications, Paul Ticher has worked on data protection for more than 20 years. He is a well-known consultant on the topic, mainly for non-profit organisations, and specialises in work with charities and voluntary organisations. Paul is the author of the standard work Data Protection for Voluntary Organisations (now in its third edition), as well as materials for ITGP and other publishers. He also carries out data protection reviews, and delivers training and webinars on the topic.

Customer Reviews

Please login to your account to leave a review.