Why Automated Sensitive Data Catalog
A common misconception is that IT teams can manually compile a list of sensitive data
(1) The GDPR only applies to companies with physical presence in EU.
Fact: The GDPR applies to any company that handles the personal data of EU residents, even if the company has no physical presence in the EU.
(2) GDPR compliance is a one-time effort.
Fact: Let’s say your organization has implemented GDPR’s right-to-erasure requirement. However, IT systems are constantly changing. New sensitive data locations will be created, eventually. Will you get notified when that happens?
(3) We know where our customer personal data is stored.
Fact: Customer personal data could be stored in unsuspected locations:
(4) My organization has little customer personal data.
Fact: Your organization may have more customer personal data than you think:
(5) Fines will not break my business.
Fact: GDPR fines and penalties can go up to 20 million Euros or 4 percent of annual global turnover, whichever is higher.
A few things to note about the non-compliance fines and penalties:
In a related blog post, we lay out how Kogni, with its automated sensitive data discovery engine and monitoring, can help accelerate the GDPR compliance journey.
Interested in learning more about Kogni? Request Demo