General Data Protection Regulation (GDPR)

Google Cloud Digital Sovereignty Announcement

On September 8th, 2021 Google and T-Systems announced their intention to build and deliver sovereign cloud services for German enterprises, the public sector, and healthcare organizations.  So, what are a sovereign cloud services and why does this announcement matter? Sovereign Cloud…

A First End to the Schrems II Limbo

Writing about legal topics is always a challenge. I am not a lawyer, but as an analyst and advisor, however, I almost inevitably encounter the implications of laws and current case law. Thus, this text describes only a personal assessment and is not intended to be, and should not be used as,…

Analyst Chat #79: DNS and Privacy

Your DNS server knows what websites you use, what the name of your mail server is, and which corporate services you use while working from your home office. And there are even broader challenges when it comes to protecting sensitive personal data in that context. Alexei Balaganski and…

Alan Bachmann: Bringing Accountability to the Digital Identity While Preserving Privacy and Security

Cloud Codes of Conduct Get the EU Green Light, but More Is Still Needed

Green Light On May 20th, 2021 it was announced that the EU Cloud Code of Conduct had received official approval by the Belgian Data Protection Authority, following the positive opinion issued by the European Data Protection Board.  At the same time, the European Data Protection…

Frances Zelazny: The Co-Existence of Biometric Identity, Consumer Privacy, and Digital Security

Analyst Chat #70: AdTech and Future Alternatives to 3rd Party Cookies

Annie Bailey and Matthias continue their conversation around privacy, targeted marketing and the end of the era of the 3rd party cookie, that they started two weeks ago. They discuss the characteristics and the pros and cons of upcoming approaches, while this technology area is still…

Analyst Chat #68: FloC and the Death of the 3rd Party Cookie

Tracking of users via 3rd party cookies has been a constant issue regarding compliance and user privacy. This is about to change, as 3rd party cookies are being more and more blocked in browsers like Firefox and Safari. And Google has announced the same step for Chrome in upcoming…

Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Interview on Privacy & Consent Management (Ian Evans, Managing Director at OneTrust)

KC Analyst Anne Bailey interviews Ian Evans, Managing Director at OneTrust, about privacy and consent management.

Anne Bailey: Core Functionalities

Anne Bailey: Market Overview

John Tolbert: Methodology

John Tolbert: Topic Overview - Challenges and Trends

Analyst Chat #43: Privacy and Consent Management

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Privacy and Consent Management

This report provides an overview of the market for Privacy and Consent Management platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Core Features of Privacy and Consent Management Solutions

Building a trust-filled and transparent relationship with end-users depends now more than ever on Privacy and Consent Management solutions. These services accomplish many tasks such as helping organizations collect and manage consent signals provided by end-users, managing cookies and…

Imagining Future Regulations on AI – Similarities to the GDPR?

There are ongoing discussions from high-level expert groups from the EU Commission about what regulation of Artificial Intelligence – particularly the algorithms that process data – will look like. There is a high priority to not only create alignment with the GDPR but to add…

Digital Identities & Healthcare IAM: Balancing Efficiency in Clinical Workflows and the Need for Security & Privacy

IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time,…

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the…

Executive View: Onegini Connect - 80168

Onegini provides a compelling no-code cloud-delivered solution for Consumer Identity and Access Management (CIAM) and B2B IAM. Onegini is headquartered in the Netherlands, is expanding across Europe, and has global ambitions. They have expertise in EU regulations such as GDPR, PSD2 and…

Leadership Brief: Six Key Actions to Prepare for CCPA - 80353

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed.  This report identifies six key actions that IT needs to take to prepare for compliance.

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal…

Whitepaper: Healthcare IAM: Enhance the Clinical Workflow - 80163

The Healthcare sector faces the common challenges of all businesses today: digital transformation, cyber-security, and increasingly stringent regulations. But Healthcare also has unique challenges because clinical operations depend on continual access to customers’ most sensitive…

Mar 05, 2020: What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same…

Executive View: Informatica Data Privacy Management - 80276

Informatica Data Privacy Management is an AI-enhanced unified data security platform for identifying, analyzing, quantifying and mitigating risk related to sensitive data to enable businesses to get the most out of company data and digital transformation processes without exposing the…

Advisory Note: Future of Identity Management - 71303

Digital identities are at the core of Digital Transformation, Information Security and Privacy, and therefore it has never been more important for enterprises to ensure they have the capability to manage identities effectively and efficiently in a rapidly changing business, regulatory and…

The Information Protection Life Cycle and Framework

The Information Protection Life Cycle (IPLC) and Framework describes the phases, methods, and controls associated with the protection of information. Though other IT and cybersecurity frameworks exist, none specifically focus on the protection of information across its use life. The IPLC…

Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory…

Akamai to Block Magecart-Style Attacks

Credit card data thieves, commonly known as Magecart groups, typically use JavaScript code injected into compromised third-party components of e-commerce websites to harvest data from shoppers to commit fraud. A classic example was a Magecart group’s compromise of Inbenta…

GDP R U Compliant?

Almost one and a half years after the introduction of GDPR (EU General Data Protection Regulation), some companies still struggle with implementing appropriate measures to deal with Personally Identifiable Information (PII) in a compliant fashion. Last week the Commissioner for Data…

Oct 29, 2019: Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory Authority…

Assuming High Criticality: Resilience, Continuity and Security for Organizations and Infrastructures

Acronyms are an ever-growing species. Technologies, standards and concepts come with their share of new acronyms to know and to consider. In recent years we had to learn and understand what GDPR or PSD2 stand for. And we have learned that IT security, compliance and data protection are key…

Leverage Enterprise Architecture to Achieve GDPR Compliance

Several measures have been undertaken by Organizations at various levels to comply with GDPR, most of which remain reactive, fragmented and largely ad-hoc. These controls are also not continuous in nature and therefore fail to satisfy ongoing compliance requirements. Organizational leaders…

Is Multilayered Cyber-Defense Out Already? Against Rising Breaches and Vulnerabilities, Data-Centric Security to the Rescue!

As the growing number of high-profile data breaches indicates, even the largest companies are still struggling with implementing consistent enterprise-wide information security measures. Setting up various security tools for numerous different applications, services, and heterogeneous…

Sustainable Data Management

Getting competitive advantage from data is not a new idea however, the volume of data now available and the way in which it is being collected and analysed has led to increasing concerns. As a result, there are a growing number of regulations over its collection, processing and use.…

Executive View: BigID - 80046

With today's mounting regulations to protect sensitive customer data, organizations are faced with new requirements, challenges and compliance risks. BigID assist organizations with their data compliance requirements by helping them find, categorize and map their data at scale.

The Foundation for GDPR Compliance and PI/PII Protection: Understand Where Data Resides and Who Processes It

The EU GDPR requires covered organizations to be able to account for and document how personal data is collected, processed and shared.  What many companies often fail to realize is that this data is not only stored in specialized and appropriately secured silos such as…

Jun 05, 2019: Leverage Enterprise Architecture to Achieve GDPR Compliance

Several measures have been undertaken by Organizations at various levels to comply with GDPR, most of which remain reactive, fragmented and largely ad-hoc. These controls are also not continuous in nature and therefore fail to satisfy ongoing compliance requirements. Organizational leaders…

May 23, 2019: Is Multilayered Cyber-Defense Out Already? Against Rising Breaches and Vulnerabilities, Data-Centric Security to the Rescue!

As the growing number of high-profile data breaches indicates, even the largest companies are still struggling with implementing consistent enterprise-wide information security measures. Setting up various security tools for numerous different applications, services, and heterogeneous…

Building Trust by Design

Trust has somehow become a marketing buzzword recently. There is a lot of talks about “redefining trust”, “trust technologies” or even “trustless models” (the latter is usually applied to Blockchain, of course). To me, this has always sounded……

Data Privacy & CX

Beyond the new data privacy regulations: how to improve customer understanding and the customer experience? When it comes to state-of-the-art sales and marketing, customer experience (CX) is a highly important topic. Creating and analyzing outstanding customer journeys while considering…

CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Apr 02, 2019: The Foundation for GDPR Compliance and PI/PII Protection: Understand Where Data Resides and Who Processes It

The EU GDPR requires covered organizations to be able to account for and document how personal data is collected, processed and shared. What many companies often fail to realize is that this data is not only stored in specialized and appropriately secured silos such as databases. In fact,…

CCPA: GDPR as a Catalyst for Improving Data Protection Outside the EU

It wasn't too long ago that discussions and meetings on the subject of digitization and consumer identity access management (CIAM) in an international environment became more and more controversial when it came to privacy and the personal rights of customers, employees and users. Back then…

Feb 12, 2019: CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Martin Kuppinger's Top 5 IAM Topics for 2019

Where to put your focus on in 2019

Online Forms Are Out of Date – There Are New Ways to Sign Up Customers

An extreme lack of innovation has led to online forms dominating online buying for over two decades. The latest identity platforms use fast, easy, and secure technology to streamline customer sign-ups and simplify data. Today, customer experience is the main differentiator for businesses…

Another Astounding Data Breach Hits the Confidence of Customers

The dust is still setting, but the information on this case currently available, which also includes the official press release, is worrying: Just this Friday, November 30, the hotel chain Marriott International announced that it has become the target of a hacker attack. Marriott's brand…

Cybersecurity Leadership Summit Berlin 2018 - Review

This month we launched our Cybersecurity Leadership Summit in Berlin. A pre-conference workshop entitled “Focusing Your Cybersecurity Investments: What Do You Really Need for Mitigating Your Cyber-risks?” was held on Monday. The workshop was both business-oriented and technical…

Marketing Automation Systems and GDPR Readiness - 80018

Marketing automation systems are key when it comes to digital or omni-channel marketing. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor and requirements for successful deployments. It will also prepare your organization…

Sep 18 - 19, 2019: Digital Finance World 2019

Welcome to the new world of Digital Finance: DFW - Digital Finance World, Frankfurt, September 18 – 19, 2019 - is the place for finance innovators from traditional players to meet with Fintechs and Start-ups to shape the Future. Here you can interact with a targeted and engaged financial…

How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the…

Customer Identity Access Management (CIAM): Creating the Foundations for User Focused Digital Business, GDPR Compliant

Digital Business Transformation is a continuous process that affects all areas of doing business, with technology finally getting the right focus: The customer and his/her experience with your business. It is now all about providing that ultimate Frictionless CX (customer experience) so…

Consumer Identity World (CIW) USA 2018 - Report

Fall is Consumer Identity Season at KuppingerCole, just in time for holiday shopping. Last week we kicked off our 2018 tour in Seattle. The number of attendees and sponsors was well up over last year, indicating the significant increase in interest in the Consumer Identity and Access…

Nov 06, 2018: How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the GDPR regulation…

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

The Internet of Things is disrupting all industries and use cases; from customer IoT, to Industrial IoT. Companies are forced to become more innovative with their products whilst their services are being, or will be, digitized. Top drivers of this digitization are eroding margins and…

Consumer Identity & Access Management (CIAM), Big Data and the Internet of Things (IoT)

It is all about providing your customer a great experience so that they return to you and not to your competitor, who has never before been that close to your business. Anticipating, maybe even in advance, your customer's needs has on the one hand become a must. On the other hand, GDPR is…

Oct 02, 2018: Customer Identity Access Management (CIAM): Creating the Foundations for User Focused Digital Business, GDPR Compliant

Digital Business Transformation is a continuous process that affects all areas of doing business, with technology finally getting the right focus: The customer and his/her experience with your business. It is now all about providing that ultimate Frictionless CX (customer experience) so that…

Sep 11, 2018: Consumer Identity & Access Management (CIAM), Big Data and the Internet of Things (IoT)

It is all about providing your customer a great experience so that they return to you and not to your competitor, who has never before been that close to your business. Anticipating, maybe even in advance, your customer's needs has on the one hand become a must. On the other hand, GDPR is…

Sep 25, 2018: Digital Identities in the Internet of Things - Securely Manage Devices at Scale

The Internet of Things is disrupting all industries and use cases; from customer IoT, to Industrial IoT. Companies are forced to become more innovative with their products whilst their services are being, or will be, digitized. Top drivers of this digitization are eroding margins and…

The Digital Transformation and the Role of the CISO

Cybersecurity needs to be at the heart of the digital transformation, but organisational models will have to evolve Cybersecurity is in the process of becoming an essential component of any organisation’s digital transformation journey. There is no way around this, especially as…

Cross-Border Data Management and Cybersecurity: Walking the Tightrope of Compliance and Business Efficiency

Guest Author: Jordan L. Fischer, Esq., Co-Founder & Managing Partner of XPAN Law Group, LLC Technology is changing rapidly, correlating in an increasing amount of data collected every second.  These technologies cross-borders and allow businesses to operate on a global scale, at…

"Archive != Delete": Bring Back the Delete Button

Why does it seem to be getting harder to delete information online? GDPR will take effect in just a few days. GDPR empowers EU people to take control of their personal information. When in force, GDPR will mandate that companies and other organizations which control or process personal…

How (Not) to Achieve Instant GDPR Compliance

With mere days left till the dreaded General Data Protection Regulation comes into force, many companies, especially those not based in the EU, still haven’t quite figured out how to deal with it. As we mentioned countless times earlier, the upcoming GDPR will profoundly change the way…

Will Your Security Solutions Violate GDPR?

As the May 25th, 2018 GDPR enforcement date approaches, more and more companies are actively taking steps to find, evaluate, and protect the personally identifiable information (Personal Data) of EU persons. Organizations that do business with EU persons are conducting data protection impact…

Whitepaper: Varonis - Daten kennen - 79028

Neue Regulierungen wie die Datenschutz-Grundverordnung (DSGVO) und die stetig wachsende Gefahr durch Cyber-Attacken führen zu einem hohen Druck auf Unternehmen. Es gibt aber auch Chancen, wenn man versteht, wo die wirklich wertvollen Daten liegen und sich darauf fokussiert, diese Daten…

Prof. Dr. Heiko Beier - Is it Facebook's End Game? Why Social Networks as we know them Today will not Survive

The real problem behind the recent Facebook scandal is not primarily that a company like Cambridge Analytica has "gained" access to the personal information of millions of Facebook users and misused them for political manipulation. It is the business model of social networks itself: Letting…

European Identity & Cloud Awards Ceremony

European Identity & Cloud Awards Ceremony

Jeff Jonas - Do you Know What You Know About the Data Subject?

GDPR obligates organizations to provide data subjects with access to their personal data. To comply, companies must be able to answer a seemingly innocuous but frighteningly difficult question: What do we know about the data subject? Further, organizations must respond to Data Subject…

Naresh Persaud - How to Enable Trust with Interoperable & Shared Credentials

The focus of digital identity for consumers and enterprise is to remove silos, minimize redundant effort, enable better collaboration and provide a foundation for regulatory compliance. The challenge is that shared credentials for both commercial and public-sector organizations will require…

Dr. Torsten George - Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

Joy Chik - Planning for Tomorrow: Connecting Identities for People, Processes, and Things

Social, economic and technological changes are creating urgent new requirements for enterprise identity that enable interconnected digital systems. These new use cases require a governance framework that is consistent, integrated and efficiently managed. It also needs to provide increased…

Tim Hobbs - What Connects DevOps & IAM

IAM products are highly configurable systems tailored to the diverse needs of customer environments and applications. Modern applications require short development cycles and IAM systems that can be adjusted at the same pace. Modern data centers are configuration-driven, resilient…

Martin Kuppinger - Microservices Architectures: Making IAM Hybrid

In recent times, an increasing number of vendors announced a migration of their products towards microservices architectures. Some renovate their existing on premises IAM tools, others build new solutions with a new architectural approach. Factually, the idea isn’t that new, but the…

Martin Kuppinger - The Future Model of Identity: Blockchain ID and the Digital Transformation

Distributed Ledger Technologies ("Blockchain") are the foundation for the most disruptive changes to business we are either already observing or that are on the road to becoming a reality. Based on these technologies, both new business models and fundamental changes to established models…

Patrick Parker - The AI and Robotic Process Automation Revolution and the Upcoming Redesign of IAM

The AI and Robotic Process Automation revolutions are in full swing with record growth in both sectors as well as an explosion of new startups in this space. Not to be left behind, existing vendors are rushing to heed the call of AI and automation by sprucing up there existing product…

Mo Ahddoud - SGN Securing Shared Credentials at The Heart of Digital Transformation

The future of IT security will depend on CISOs who are brave enough to build a new security model that is both innovative and unconventional. Gas distribution company, SGN, is blazing a trail that every company can follow. As a UK, critical infrastructure company SGN’s cloud-first…

Christopher Spanton - Blockchain and the Business of Identity

Identity and Access Management (IAM) within an enterprise environment presents complex challenges for any business. While new technologies, such as blockchain, have the potential to help solve some of these challenges, today bringing blockchain into solution oriented discussions can merely…

Doc Searls - How Customers Will Lead Companies to GDPR Compliance and Beyond

Nearly all advice on GDPR compliance is about what companies can do for other companies, or companies can do for themselves. There isn't much on what customers can do for companies, which may turn out to be the biggest help of all. That’s because customers are going to get more power…

Kim Cameron - The Laws of Identity on the Blockchain

Keynote at the European Identity & Cloud Conference 2018

Drs. Jacoba C. Sieders - Digital Identities and Blockchain: Experiments and Use Cases @ ABNAMRO

ABNAMRO runs over 30 blockchain experiments, also involving digital identity capabilities. Co-operation has been set –up across various coalitions, and use cases are running a lot wider than just the banking and payments industry. Academia, building-, and shipping industries are also…

Lukas Praml - Your Mobile Identity: Blockchain Ain't no Swiss Army Knife

Digital identity solutions are very wide spread and everybody is using them on a day to day basis. Mainly it can be distinguished between state issued IDs/eIDs which lack usability and are therefore not as successful as hoped and self-claimed or self-established eIDs (sometimes stored in…

Ralf Oestereich - We will Disrupt You

We will Disrupt You - Are AI, Blockchain, IoT a Blessing or Curse for an Insurance Company?

Carmine Auletta - Identity & Digital Trust

Trust is essential for a society to function. It’s even more critical in a digital society where transactions take place between parties that can only rely on each other supplied digital Identity. eIDAS Regulation provides – for the first time – a clear, universal and…

Eve Maler - The Evolution of Identity and its Importance for our Digital Lives

Identity is as old as mankind and adapted very well to its changing environments. From a simple look that determines who you are to a high frequency of multi-factor vehicle-to-vehicle authentication in autonomous driving - with Digital Transformation, Identity in digital form has become the…

Jackson Shaw - Fire Safety and Cyber-Security – Smoke Detectors are Not Enough

It takes most businesses over 6 months to detect a breach on their network. And while smoke detectors are proven to halve the death rate by fire, saving thousands of lives each year, detection is sometimes too late to prevent many buildings from burning to the ground. So imagine if it…

Jason Rose - Realizing the full potential of Consumer Identity

Customer Experience is Everything and Everything is Digital. Digital transformation is now the center of marketing, advertising and sales strategy across every industry and region, with today’s consumers demanding a seamless and relevant experience across online and offline channels…

Prof. Dr. Hans Ulrich Buhl - Unchaining Blockchain

Blockchain is much more than the technology behind its still most successful application – the Bitcoin. One of its key attributes is the immutable storage of information. Besides other applications, this enables trustful online business between two or more individuals – without…

Dr. Sridhar Muppidi - Identity Meets Fraud Protection to Establish Digital Trust

In this session, we will introduce a framework to establish digital trust based on capabilities from fraud protection and Identity. This will quickly and transparently establish a trusted, frictionless digital relationship for your customers, employees, and business partners. The session…

May 14 - 17, 2019: European Identity & Cloud Conference 2019

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 950 thought…

Some Perspective on Self-Sovereign Identity

Identity isn't hard when you don't always use it. For example, here in the natural world we are anonymous—literally, nameless—in most of our public life, and this is a handy thing. Think about it: none of us walks down the street wearing a name badge, and it would be strange to…

Without Prosecution, There Is No Protection

The Equifax data breach saga continues to unfold. In late 2017, the company admitted it had suffered significant data loss starting in March of last year. There were likely multiple data theft events over a number of months. At some point in May, they notified a small group of customers but…

BAIT: Clearer Guidelines as a Basis for More Effective Implementation

If legal laypersons (as I am) read legal texts and regulations, they often miss clear and obligatory guidelines on how to implement them in practice. This is not least due to the fact that laws are generally designed to last and are not directly geared to concrete measures. This type of…

Acing the Upcoming GDPR Exam

With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with…

2018 – the Turning Point for Social Networks

The Facebook data privacy story continues to be in the headlines this week. For many of us in IT, this event is not really a surprise. The sharing of data from social media is not a data breach, it’s a business model. Social media developers make apps (often as quizzes and games) that…

PSEUDO WHAT AND GDPR?

GDPR comes into force on May 25th this year, the obligations from this are stringent, the penalties for non-compliance are severe and yet many organizations are not fully prepared. There has been much discussion in the press around the penalties under GDPR for data breaches.…

Leadership Brief: Marketing Chatbots and GDPR - 79026

Chatbots are a recent trend in marketing automation, designed to enhance customers’ digital journeys and elicit more information from consumers. This report evaluates the impact of GDPR will have on the use of chatbots and provides an overview of topics to be considered in order to…

Holistic Approach to Cyber Risk Governance in the GDPR Era

Pressured by the Digital Transformation, corporate networks are becoming increasingly complex, spanning across multiple geographical locations and technology platforms. Unfortunately, even as companies are becoming more open to the outside world, different business units within the same…

Apr 10, 2018: Acing the Upcoming GDPR Exam

With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with…

Matthias Reinwarth - You Are Here! Assessing Your Organisation‘s GDPR Readiness

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Ivana Bartoletti - Meeting the GDPR Transparency Requirements in Digital Finance

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Guido Scholz - GDPR Is Not Only Law, It Is Also a Trusted Relationships with Customers

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Dr. Karsten Kinast - Preparing for GDPR: Key Aspects and Best Practices for Financial Services

The EU General Data Protection Regulation (GDPR) will be implemented in May 2018. It replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across…

Martin Kuppinger - 2018 - The Year of Disruption: Why the Finance Business Will Never Be the Same Again

The year 2018 brings major changes to the financial industry. Two disruptive regulations (PSD2 and GDPR) come into effect early in the year and will have a far-reaching impact. Their implementation can be a challenge, but through these directives new opportunities will be created.…

Best Practices and Essential Tools for GDPR Compliance

Join this KuppingerCole webinar to get practical, straightforward advice on how to prepare for GDPR, including: Devising and maintaining a plan to detect a data breach, Properly documenting evidence of compliance for auditors, Evaluating the effectiveness of your…

Make Things Happen Rather Than Watch Things Happen With Vendor-Provided Compliance Solutions

In May 2017, my fellow KuppingerCole analyst Mike Small published the Executive Brief research document entitled “Six Key Actions to Prepare for GDPR” (then and now free to download). This was published almost exactly one year before the GDPR takes full effect and outlines six…

Whitepaper: GDPR Herausforderungen mit Delphix meistern - 70368

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive…

Whitepaper: Meeting GDPR Challenges with Delphix - 70368

GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.  Compliance requires costly controls that can be justified for processing of PII with direct business benefits.  However, using PII for…

GDPR and Financial Services – Imperatives and Conflicts

Over the past months two major financial services regulations have come into force. These are the fourth money laundering directive (4AMLD) and the Second Payment Services Directive (PSD II). In May this year the EU General Data Protection Regulation will be added. Organizations within the…

Free Tools That Can Save Millions? We Need More of These

When IT visionaries give presentations about the Digital Transformation, they usually talk about large enterprises with teams of experts working on exciting stuff like heterogeneous multi-cloud application architectures with blockchain-based identity assurance and real-time behavior…

Mar 15, 2018: Holistic Approach to Cyber Risk Governance in the GDPR Era

As we are getting closer to the dreaded May 25th deadline, when the General Data Protection Regulation will come into force, many companies are still struggling with implementing effective risk assurance programs that constitute a key requirement for any sensible cybersecurity and compliance…

UK Open Banking – Progress and Challenges

On January 13th, 2018 a new set of rules for banking came into force that open up the market by allowing new companies to offer electronic payment services. These rules follow from the EU Directive 2015/2366 of 25 November 2015 that is commonly referred to as Payment Services Directive II…

Mar 08, 2018: Best Practices and Essential Tools for GDPR Compliance

With just over three months until the General Data Protection Regulation (GDPR) comes into force in the European Union, many organizations are still struggling to prepare for the new regulation.