Lazarus Alliance Uses Automation to Put Companies on the Fast Track to GDPR Compliance
SCOTTSDALE, Ariz., December 6, 2017 (Newswire.com) - Lazarus Alliance, a leading cyber security, governance, risk, and compliance (GRC) firm, is using automation to save its clients time and money as they prepare for the EU’s new GDPR privacy law.
The EU’s General Data Protection Regulation (GDPR) was adopted by the European Parliament in April 2016. The primary goals of the GDPR are to protect the personal information of EU citizens in the digital age and enhance accountability for breaches. Consumers will have several new rights under the GDPR, including the right to access their personal data, receive prompt notification of breaches, and have their data deleted upon request, also known as the “right to be forgotten.”
The GDPR will require companies to change the way in which they process, store, and protect customers' personal data, perhaps fundamentally.
Michael Peters, CEO, Lazarus Alliance
Organizations have until May 25, 2018, to comply with the GDPR.
“The GDPR is arguably the most comprehensive data privacy law passed to date, and even though it’s a European law, it applies internationally,” explains Michael Peters, CEO of Lazarus Alliance. “If your company does business with even one person or organization in Europe, you must comply with the GDPR, regardless of where you are located. You will also be responsible for ensuring that any third-party vendors that handle your European customers’ data comply. This means the GDPR will impact pretty much all large businesses and many small- and medium-sized ones.”
The cost of complying with the GDPR is expected to be very high. The International Association of Privacy Professionals (IAPP) estimates that Fortune 500 companies will spend a combined $7.8 billion on GDPR compliance, and medium-sized firms will spend an average of $550,000.
“A lot of businesses are, understandably, very concerned about compliance costs, especially as the deadline draws closer,” Peters says. “The GDPR will require companies to change the way in which they process, store, and protect customers’ personal data, perhaps fundamentally.”
To streamline GDPR compliance for its clients, Lazarus Alliance automates the process using Continuum GRC’s IT Audit Machine (ITAM). The cloud-based ITAM is a complete GRC automation solution containing a centralized repository of all IT compliance requirements, with associated controls and automated information flow for audits, assessments, and testing. Its user-friendly self-help modules encompass the full spectrum of regulatory and industry data security requirements, including GDPR-ready assessment and compliance management modules.
Peters reports that while individual results vary, Lazarus Alliance’s clients enjoy 180 percent faster report generation on average and cut their labor costs by an average of 46 percent. “All of our clients love ITAM because it’s a big money and time-saver for them. It also helps them more easily maintain compliance moving forward, especially in situations where companies are dealing with multiple data security standards. The ITAM puts everything under one umbrella.”
Peters feels that the GDPR will end up being a net positive for businesses.
“The GDPR is, at its core, about sound data governance and risk management,” Peters says. “In the end, it’s going to benefit organizations by making them reevaluate and adjust their GRC policies, procedures, and controls from top to bottom. This will strengthen their cyber security posture and make it easier for them to simultaneously comply with other applicable security standards.”
Source: Lazarus Alliance