Box, an enterprise content management platform, has launched new services to help its customers comply with GDPR.
The growth of cloud adoption, an increase in amount of data, and the growth of compliance and privacy complexity has lead to the company providing a new solution for global data privacy.
It has released a self-serve, easy-to-execute Data Processing Addendum (DPA) which requires only a electronic signature from the customers. The DPA is available at no cost for all current Box service agreements, is signed by both Box and the customer, and lists all the approved legal mechanisms for data processing.
Box claims this makes it easier for it customers to formalise and share the data they use in a ‘controlled and managed environment’, which can be used to demonstrate their data is being processed to meet GDPR obligations.
Box Consulting is also rolling out a new compliance-focused service to help customers as prepare for, understand, and address evolving compliance requirements such as GDPR, PCI DSS, FedRamp, and HIPAA from a cloud content management perspective.
For GDPR preparedness specifically, Box said it will engage with customers to develop a formalized data protection framework leveraging and centering on the Box application. This service include assisting customers in developing a strategy for categorizing their data and running the corresponding risk profile analysis, along with helping its customers develop a data protection framework.
It also provides implementation services to assist customers with implementing Box in accordance with their own derived implementation framework, as well as cross-industry perspectives on Compliance/Data Protection Obligations.
GDPR, which is implemented in May this year, requires companies to protect EU citizens’ personal information. The regulation also gives EU citizens the right to be forgotten, the right to object, and the right to restrict processing of their data.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst