Nokia GDPR Executive Summary
The European Union’s General Data Protection Regulation (GDPR) aims to improve protection of data that can be directly or indirectly linked to individuals. Taking effect on 25 May 2018, this regulation applies to all organizations that control or process the personal data of EU citizens, including communications service providers (CSPs). Organizations that fail to comply with the GDPR will face heavy fines in the event of a data breach. At its heart, the GDPR provides a mandate for organizations to manage and protect access to their customers’ personal data. This briefing note describes strategies that can help CSPs and other organizations fulfill this mandate. It provides practical steps for protecting access to personal data, rapidly detecting and responding to data breaches, and demonstrating GDPR compliance.