In Today’s Security Speak, Are You A Data Processor or Data Controller?
In the past, old words that were thrown around a lot were, data controller and data processor. People would say, “Oh no, no – I outsourced to a data processor, I’m not the data processor, I don’t have to do it.”
There’s no such thing anymore.
Now it’s all on the controller. Basically, they must demonstrate that they have full control over all of the data -whether they’re the processor or they hired the processor.
It’s no different than credit cards – no different than HIPPA data. If you picked up the credit card and typed it into a website, then you picked up the credit card and typed it into the website. It’s not the website’s problem, it’s your problem. You touched it; and that’s very much true of GDPR at this point.
The Cyber Security experts at RedZone can help you minimize risk. Contact my team today: (410) 897-9494 | firstname.lastname@example.org.