How TIBCO is Protecting your Privacy under the GDPR
Since the adoption of the new regulation in 2016 by the European Parliament, TIBCO has been readying itself for the GDPR. These preparations have included a company-wide, cross-functional, 360 degree review of our products, services, processes, and operations to ensure our timely GDPR compliance. By building upon the robust data security and privacy practices that already were in place, TIBCO’s GDPR compliance efforts have elevated our ability to protect our customers’ data.
Adapting our Policies and Practices for Today's Data Realities
As a comprehensive regulation for the cloud-based, data-driven world of today, the GDPR introduced new concepts in individual data rights and data processing security. As part of its GDPR preparations, TIBCO conducted a comprehensive review of its policies and practices, revising those that needed enhancement and developing new policies to meet these new requirements. This enhanced portfolio of policies and practices has made TIBCO a better company for all of its customers, not just those who are residents of the European Union.
Giving our Teams the Tools that They Need
Having compliant policies and practices does nothing to protect customer data if the rules are kept secret. While TIBCO always has trained its employees on data privacy and security, beginning in the summer of 2017, TIBCO instituted company-wide training for its employees on GDPR compliance. Much of this training was customized to ensure it would have maximum value. Specialized training sessions and workshops were provided to teams within the company such as engineering, cloud services, professional services, support, human resources, marketing, and finance. Coupled with corporate messaging on GDPR compliance, this training armed our employees with the knowledge they need to keep TIBCO performing to the standards of the new regulations and continues to be an integral part of our corporate training curriculum.
Holding our Suppliers to High Standards
In addition to reviewing our own policies and practices, TIBCO’s GDPR preparations included a comprehensive review of the suppliers relied upon to help deliver our world class services to our customers. Reviews of all supplier relationships were made, with a special focus on suppliers who provide data processing, hosting, or cloud services. Contracts were amended to ensure that the requirements of the GDPR were incorporated. Suppliers who did not or would not agree to abide by GDPR standards are no longer performing data processing for TIBCO. Therefore, TIBCO is helping raise the bar worldwide on data processing by raising the bar for its own supply chain.
Not a Finish Line, but a Journey
By incorporating new data processing and privacy standards in everything we do – both by design and by default – TIBCO acknowledges that GDPR compliance is not simply a finish line to be crossed, but a way of thinking about personal data that has resulted in continuous review and improvement in the way we secure data and ensure the data privacy of individuals. Rather than encouraging the collection of ever greater data deposits, GDPR challenges us to be more productive with less data. TIBCO embraces this challenge as we do our part to improve data privacy and security for all.