Open Discussion

Expand all | Collapse all

Questions about GDPR and compliance

  • 1.  Questions about GDPR and compliance

    Posted 02-21-2018 15:01
    Hi everyone,

    Next week, Code42 product manager @Josh Evans will be doing a live Q&A from 10:30 - 11:30 CT on Wednesday, February 28. Josh specializes in compliance, including #GDPR, as well as legal hold and product security.
    You'll have the opportunity to ask questions directly next week, but if you can't make it, please share your questions in this thread and we can make sure that Josh answers them.

    What questions do you have about GDPR, legal hold, and other compliance issues?




    ------------------------------
    Lindsay Starke
    Community Manager
    Code42
    ------------------------------


  • 2.  RE: Questions about GDPR and compliance

    Posted 02-26-2018 16:52
    Hi everyone,

    I wanted to give this a bump in case anyone had questions in advance for @Josh Evans -- the conversation will be happening in this thread (similar to an AMA on Reddit) so there's nothing special you need to do to participate. Hope to see you live from 10:30 - 11:30 CT on Wednesday, February 28.

    ------------------------------
    Lindsay Starke
    Community Manager
    Code42
    ------------------------------



  • 3.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 07:43
    What are the most unexpected hurdles whan American companies prepare for GDPR compliance?

    ------------------------------
    Leon Perrin
    Cloud Engineer
    Portland ME
    ------------------------------



  • 4.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:17
    How do you see this effecting Canadian businesses with the GDPR compliance?

    ------------------------------
    Douglas Manness
    ------------------------------



  • 5.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:44
    Regardless of what country you are in (e.g. Canada, USA, Germany, Japan, etc), if you do business with people that live in Europe and store any personal data, your organization must adhere to GDPR.

    Canada is considered to have partial "adequacy" for data transfer from Europe to Canada. While this doesn't change the need to comply, it may simplify some aspects of an organizations compliance efforts.


    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 6.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:37
    Great question @Leon Perrin. A couple challenges come to mind:
    • The sheer number of data sources/systems that need to be identified, tracked, and accounted for within your GDPR strategy will be challenging
    • Depending on the size of your organization, getting the right stakeholders invested and engaged can be challenging
    • Adhering to right to be forgotten will pose technical challenges for some organizations


    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 7.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:47
    Quick Disclaimer: This is not formal legal advice. Working closely with your legal and/or compliance team is a critical part in any GDPR compliance program.

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 8.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:51
    We have no presence in Europe and don't deal with any European clients, How does this law affect us?

    ------------------------------
    Cliff Goeke
    IT Manager
    Fayetteville AR
    ------------------------------



  • 9.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 11:12
    Hi @Clifford Goeke. It sounds like GDPR won't apply to you. For others in a similar situation, the double-check is asking around to some of your business stakeholders, "Do we have any personal data for people living in Europe."

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 10.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 11:22
    This question was submitted during one of our GDPR webinars and I thought I'd throw it out here in case it's useful to others:
    Our compliance department is telling me that we also need to provide data portability for personal data. I don't know how we can do this with CrashPlan.
    Adhering to data portability with CrashPlan is straightforward. If the personal data stored on an endpoint is still present, that data can be provided to a requester according to your process. If the endpoint no longer contains that data, it can be restored if still present in an available archive (assuming the file wasn't excluded).

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 11.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:34
    Hi everyone! I will be answering questions for the next hour. Look forward to chatting.

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 12.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 10:46
    Josh - Thanks for doing this. You probably talk to a lot of customers. What would you say is the biggest compliance concern you here from customers today? How can Code42 help solve it?


    --
    Sean O'Brien
    Program Manager, Cloud Services
    Internet2
    +1.202.803.8993






  • 13.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 11:06
    Thanks for joining @Sean O'Brien! The biggest GDPR concern is the risk. Our customers are concerned about effectively covering all aspects of the regulation including:
    • Meeting reporting timelines
    • Appropriate incident response plans
    • Accurate visibility to all systems storing personal data
    From an IT perspective, people are worried about the latest fire drill; an incident comes up because of something unexpected or a process breakdown, and the next days weeks are spent dealing with the fall out.

    More broadly, I think the same is true across most compliance regimes: They are concerned about risk. We hear comments on penalties, media attention, loss of customer trust, etc. Middle to large size organizations are often subject to multiple compliance regimes. Understanding, planning and executing compliance is a multi-disciplinary task relying heavily on people. This leaves lots of opportunity for process breakdown and increases risk.

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 14.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 11:35
    @Sean O'Brien ​you also asked about how Code42 can help address compliance concerns. With GDPR, we believe our solution supports compliance in three specific areas: Recovery, visibility and security-by-design. More information is in our "Enabling GDPR Compliance with Code42" tech overview and GDPR toolkit.

    http://on.code42.com/wp-content/uploads/2017/11/Enabling-GDPR-Compliance-with-Code42.pdf (PDF)
    https://on.code42.com/go/customer-gdpr-toolkit-success/

    For other compliance programs, where we believe Code42 enables compliance, we have documented how we can help:

    https://www.code42.com/compliance/

    ------------------------------
    Josh Evans
    Product Manager
    Code42
    ------------------------------



  • 15.  RE: Questions about GDPR and compliance

    Posted 02-28-2018 11:43
    Thanks so much @Josh Evans for taking the time for this today, and thanks to all of you who added to our collective knowledge base by asking questions. We're wrapping this live Q&A up for now, but please feel free to keep asking questions around compliance, GDPR, and everything else in the community. Also, please let me know if there are other topics you'd like to see a similar Q&A about.

    Have a great rest of your day, everyone!​​

    ------------------------------
    Lindsay Starke
    Community Manager
    Code42
    ------------------------------