SD Elements Helps Streamline GDPR Article 25 Compliance Requirements
TORONTO, Ontario — March 15, 2018 — Security Compass, providing organizations with the knowledge, training and technology to enable secure agility, today reminds organizations struggling to comply with the looming General Data Protection Regulation (GDPR) deadline that its flagship application security platform, SD Elements, automatically incorporates requirements for Article 25, Data Protection by Design and Default, into the secure Software Development Lifecycle (SDLC).
European Union data protection authorities will begin enforcement of the GDPR on May 25, 2018. The penalties for noncompliance are severe. When it comes to software development, GDPR stipulates that organizations must take measures to show that they have thoughtfully integrated data privacy compliance into an application at both the technical and organizational levels. GDPR Article 25, “Data Protection by Design and Default,” contains several new regulations for the development and management of software to ensure data privacy and protection. This has proven particularly challenging for organizations because it requires substantial changes to common development practices.
SD Elements automatically reconciles these complex GDPR policies with development procedures operating in an agile environment. Providing tailored security advice for each phase of the software development lifecycle, SD Elements simplifies GDPR compliance by using a series of tasks and reports that can be assigned to developers and monitored for completion. This automated approach translates GDPR’s complex requirements into readable guidance and code samples for software architects and engineers to immediately act. For auditing purposes, SD Elements also features robust tracking, logging, and reporting capabilities, so it’s easy to prove that GDPR controls have been implemented and validated to be working correctly.
“SD Elements provides more than just a static translation — it’s a dynamic system that is contextually aware of the specific requirements and tech stack for an application,” said Rohit Sethi, COO of Security Compass. “As the first and only application security platform to build GDPR requirements into the SDLC, users can reduce organizations risk by turning policy into procedure — without interrupting development or software delivery.”
SD Elements can help implement new features in software systems that GDPR requires, such as:
- Data portability (export and transfer between systems)
- Right to be forgotten and opt-out (capability to delete personal data)
- Mandatory security measures (encryption, anonymization, etc.)
- Consent (Only necessary data can be collected)
- Data transfer between countries and to the third parties
To download a complete guide on how SD Elements can help incorporate Data Protection by Design and Default into software development, go to: https://www.securitycompass.com/gdpr-compliance/
April H. Burghardt
PR Consultant for Security Compass