What Are Your Rights as a Data Subject Under GDPR?

May 17, 2018
By Jannine Mahone

A wise man once said, “Hold faithfulness and sincerity as first principles.” The European Union General Data Protection Regulation (GDPR) places emphasis on the data subject—the living, breathing human being whose personal information should be protected at all costs. According to the Identity Theft Resource Center, there have been almost 200 breaches in the U.S. alone in the first three months of 2018, with an exposure of over 3.6 million records.¹ Many companies that have been breached respond by providing free credit- monitoring services to the victims. However, these services are costly for the company and many consumers choose not to take advantage of the service. GDPR threatens substantial fines if companies are found to be non-compliant, forcing them to be more accountable.

GDPR gives individuals much more power to access and control the information that is held about them:

Organizations processing personal information must clearly explain that consent is being given and there has to be a “positive opt-in” from the individual. Controllers are also encouraged to develop interoperability among each other to make the subject’s data portable and easy to move across the EU.
Everyone has the right to get confirmation that an organization has information about them and to receive access to this information and any other supplementary information. Organizations must deliver the requested information within one month.
GDPR also includes a person’s rights regarding automated processing of data: individuals have the right not to be subject to a decision if it is automatic and if it produces a significant effect on a person.
The new regulation also gives individuals the power to get their personal data erased in some circumstances: if it is no longer necessary for the purpose it was collected, if consent is withdrawn, if there’s no legitimate interest and/or if it was unlawfully processed. Subjects must be able to withdraw consent with the same ease that he/she gave it.

For more information on the rights of data subjects, view our paper, How ForeScout Technologies Is Preparing for GDPR.

¹ https://www.idtheftcenter.org/images/breach/2018/DataBreachReport_2018.pdf

Five Steps to Help CISOs Manage Financial Firms’ Risk in the Age of Elastic Compute and Technology

Posted: July 11, 2018

Twitter: @tomdotdolan Financial services firms seeking competitive advantage and market success continue to face enormous pressure to innovate as they develop cutting-edge offerings. Ultimately needing scalable, available technology to drive future success. The big challenge is how to dynamically extend security and compliance to a changing business architecture powered by elastic compute and technological complexity. […]

0 comments

Ensuring Secure Elections

Posted: June 28, 2018

Securing the vote by protecting “unsecurable” and outdated voting machines Time is running out to secure America’s election systems. Before we know it, it will be Tuesday, November 6th, election day, and we will be headed to the polls to cast votes for the 435 U.S. House, 35 U.S. Senate, 36 gubernatorial elections and many […]

0 comments

Surviving a Ransomware Attack – Why You Need Visibility

Posted: June 20, 2018

Twitter: @smtaylor12 It’s 8AM on a Monday morning and you have just arrived to work with a fresh cup of coffee in hand ready to start the work week. Like every workday morning, you begin by booting your PC and logging into Windows. This time, however, you don’t see the familiar grassy knoll wallpaper but […]

0 comments

Sign up for ForeScout News.

Sign up for a visit.

Thank you for your interest in ForeScout.