GDPR has been around for two years. We’re all GDPR compliant now, aren’t we? Not really. We’ve noticed that companies are still struggling with certain misconceptions. This week, we’ll discuss three of these pitfalls. Today’s topic is GDPR misconception 2: Encryption = safety.

One of the steps a company can take to secure its digital data is using data encryption. Companies encrypt files and data to arm themselves against the catastrophic consequences of a potential data leak. Hackers can’t do much damage if all data are encrypted.

But that’s not enough. A secure GDPR policy also requires other safety measures. If hackers should crack the encryption software’s password or PIN code, they’ll be able to decrypt and use the stolen data. That’s why additional security measures, such as two-factor authentication (e.g. a password combined with a security question), should be implemented.

Data security is also directly linked to the mindset of the people who handle data: your employees. Raising general awareness is essential: it encourages employees to make a habit of permanently removing personal data they no longer need.

To conclude, anonymisation is also a possible solution for businesses who want to store data for purposes such as marketing analysis. Anonymised personal data are still usable, but can no longer be linked to individuals.

From complex legislation to clear e-learning

Do you want your company to be fully up to speed with GDPR legislation and avoid all related pitfalls? Xylos will help you set the right course. Contact us for more information or to set up an appointment.

The digital learning journey uses accessible, animated videos, exercises and interactive storytelling that makes the complex GDPR legislation relevant and understandable for every employee. A practical advantage: the training is easily accessible on smartphone or tablet.

Want to know more? We love to help you out! Get in touch for a call or demo.