Data Protection as a Service
It’s my experience that most companies are aware of the need to cover the web site with a cookie policy, but CEOs at smaller companies may not have had time to digest the rest of the GDPR in practice. Gaea has an excellent DPO, and we offer the service on a consultancy basis to check what you have in place against the regulation and to discuss, for example, the status of staff training. Fines for staff errors under GDPR range from small to very significant: please check the tracker.
Some examples
- A 2020 report confirms that 9 out of 10 data breaches are caused by your users.
- Researchers from Stanford University and a cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind the overwhelming majority of cybersecurity problems.
- The Stanford University study on the psychology of human error highlighted that employees are unwilling to admit to their mistakes if organizations judge them severely. Over half of incidents are not reported to management because employees are scared or feel guilty (same study).
- GDPR fines are mostly due to a lack of data security, a failure to inform people (privacy policies), and the absence of a proper legal basis.
- People may not be aware of the difference between pseudonymized data (which is still personal data) and anonymized data. When they believe they hold anonymous data but in fact do not, they fail to comply with any GDPR obligation and so risk fines if reported.
- Employers may also not know that anonymized data, while perhaps no longer subject to GDPR, can still be subject to other legal constraints such as IP rights; therefore you cannot simply drop your data into an open-source tool and make it public.
- People are often confused about the right to be forgotten, reading it as “the company has to forget all about me, including any financial claim they have on me”. A company, on the other hand, may not fall back on “we’re going to keep this data because there is still a legal claim open” if it is not actually going to do anything with that claim at all. In that case the company does need to forget about the person.
If you are interested in discussing this, please email me at [email protected] and I can arrange an introductory discussion with our DPO; if you then wish to go deeper, we can proceed under a CDA and a data processing agreement.
Nigel Goodman
CEO