When does GDPR take effect?


Starting on May 25, 2018, a new privacy law, the General Data Protection Regulation (GDPR), will be enforced in the European Union (EU). At Mindflash, we welcome compliance efforts with respect to the GDPR. It will raise the bar for data protection, security, and compliance across our industry.

 

How is Mindflash preparing for GDPR?

 

 

 

What it Means

What we’re Doing

Policies and Procedures

Update policies to ensure data is being handled securely.

Implementing a global overarching data protection policy, which brings together all underlying related policies including acceptable use, web application security, and data breach.

Security Measures

The GDPR requires adequate security protections while handling data.

Ensuring adequate security protections including data encryption at rest and in movement.  Mindflash’s teams are also updating our infrastructure, authentication, and logging.

Portability and transferability of data

GDPR requires transfer, edit or delete data upon EU client requests.

Mindflash is putting together a contact method for EU users to request, make modifications, or delete their data.

Identify data flows

Tracking flow of data when it hits our servers

Mapping out plan to document full data flow internally on our servers.

Data Breach Notifications

Review and update Data Breach Response Plan

Ensuring plan for affected customers will be notified within 72 hours of a data breach in writing.