IAPP-OneTrust Research: Bridging ISO 27001 To GDPR
Key Crossover Points Between Data Privacy Regulations
The move to personalized digital products and services has necessitated a new wave of information security and privacy professionals. While the two have often worked alongside one another, they have also worked separately. Traditionally, security works in a binary state: access or no access. Privacy has typically fallen on a spectrum that demands context. Yet, that dynamic is shifting.
With the European Union’s General Data Protection Regulation (GDPR) and other more stringent pieces of privacy regulation coming into force, “adequate security” is now mandated. These complex pieces of legislation have also brought a class of technologies to help privacy teams understand and comply with the mandates. Further, at their core, GDPR and regulations such as ISO 27001 focus on reducing systemic risk to people and organizations caused by data misuse. This whitepaper explores how this mutual focus creates correlation between the goals, objectives and specific requirements of ISO and the GDPR. Those crossover points include security, breach notification, vendor management, record-keeping, Privacy by Design and data subject rights.
To summarize, in this whitepaper, entitled “IAPP-OneTrust Research: Bridging ISO 27001 to GDPR,” you’ll learn:
- Details on alignment between GDPR and ISO 27001
- Analysis of the overlap of specific requirements of the regulations
- How to use ISO and the GDPR to reduce risk to people and organizations
Download the full report to see how these overlapping goals, objectives and requirements reduce risk to people and organizations worldwide.