Help with GDPR and encrypting Emails \ CD's

I am looking for some advice on GDPR

Does GDPR require us to encrypt all outgoing emails? If so what is the best software for achieving this?

Same question for CD - DVD - which contain medical records

How secure is Office 365 Email in the cloud - I presume it's GDPR compliant?

Any other advice regarding GDPR would be great.
Ian PriceIT ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob HensonFinance AnalystCommented:
Are you on LinkedIn?

If so, search for a UK guy called Tony Marshall. He is a GDPR specialist and will be able to advise.

https://www.linkedin.com/in/tonymarshallgdpr

Thanks
Rob
0
KimputerCommented:
For emails, you could implement some PGP method, ex. https://www.gpg4win.org/about.html
Only emails involving personal information needs to be encrypted. Also, obviously, you need to involve the other party as well, as you both need to implement the same solution.
If no protocol with the other side has been setup and you DO need to send over personal information, you can also leave the email message itself clean (from personal information), and the rest, put it in a word/excel doc or whatever, and send it as a zip file with password protection. The password itself, you can deliver through a phone conversation.
Email will be a difficult matter, as there are always two sides when email is involved.

CD/DVD, use special software please, like ESET Endpoint Encryption: https://www.eset.com/us/business/endpoint-security/encryption/

Office 365 itself is not GDPR compliant, as you can easily send out an email with personal information to an unknown person (or even attach a full database as a flat file).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Naveen SharmaCommented:
Email security solution for successful GDPR compliance include:

Email Archiving.
Advanced Threat Protection from malicious URLs, attachments, phishing attacks.
Email Encryption and Data Loss Prevention to ensure that your organization is not at risk of losing sensitive information.

Transferring personal data by CD or DVD:
https://gdpr.secourriel.com/mod/wiki/viewversion.php?pageid=57&versionid=286

Worth reading, GDPR Guides:
https://www.lepide.com/gdpr-guides/

GDPR Compliance – Data Collection Rules
http://expert-advice.org/security/gdpr-compliance-data-collection-rules/
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software

From novice to tech pro — start learning today.