Addressing GDPR Compliance ChallengesDevender Kumar of Mphasis Offers Insights on Key Issues
With only six months until the EU's General Data Protection Regulation is enforced, organizations across the world that handle Europeans' data are grappling with compliance challenges. Those include, for example, how long to retain personally identifiable information and how to comply with "the right to be forgotten" provision, under which individuals can ask organizations not to store their data.
"There are challenges on data retention and data subject rights especially with respect to access and erasure [of data]", says Devender Kumar, vice president and head, information risk and business continuity, at Mphasis, an IT services firm. "For example, when an employee has left the company, what should you retain? What should you remove? Or do you remove everything?
"Data subjects have certain rights to access data. So how do you manage these rights?"
In this interview with Information Security Media Group (see audio link below image), Kumar also discusses:
- Strategies for addressing GDPR compliance challenges;
- Why companies should invest more in their incidence response team;
- Why endpoint security will gain traction.
Kumar has more than 22 years of experience in the risk management, including information security, cybersecurity, and privacy. At Mphasis he is responsible for information security, cybersecurity, business continuity and privacy across all geographies.