SABIS® Commits to GDPR Compliance
SABIS® is a global education network that has an active presence in 20 countries on five continents and educates over 70,000 students. As some of the network’s schools are located in the EU and several serve EU nationals, SABIS® recently took steps to ensure that it is in full compliance with the General Data Protection Regulation (GDPR), a set of requirements to ensure data privacy protection, which is considered a “fundamental right” defendable by law, according to the EU Charter.
Effective from May 25, 2018, the GDPR aims to provide EU citizens with the necessary privacy and protection of their personal data, which is defined as “any data that can be used to personally identify an individual, either directly or indirectly.” Such data include the name, birth date, phone number, home address, E-mail address, biometric details, social security number, medical history, IP address, device ID, and the like. In accordance with the GDPR, users are granted the right to be informed about information accuracy and consistency, transparency, consent, breach notification, data erasure, data portability, privacy by design, and storage limitation.
At SABIS®, appropriate technical and organizational security measures and controls have been put in place to protect personal data against accidental loss, destruction, alteration, unauthorized access, or disclosure. These measures include creating or updating all necessary documentation (including policies, consent forms, third-party contracts, etc.), developing a Data Breach Management Program to ensure that incidents are effectively managed, defining relevant roles and responsibilities, providing appropriate personnel training, and updating all applications to include the various privacy requirements (such as data anonymity, encryption, etc.).
“The enactment of the GDPR at SABIS® will help consolidate personal data, increase control over data flows, and minimize the impact of data privacy breaches,” says Nada Ayoub, SABIS® Data Protection Officer.
Acknowledging the importance and impact of the GDPR, SABIS® is committed to full compliance with its requirements, sparing neither effort nor time nor resources for the purpose of ensuring complete privacy and protection of users’ personal data.