Project description
Helping SMEs comply with personal data protection requirements
Millions of small and medium enterprises (SMEs) in Europe do not comply with the EU’s General Data Protection Regulation (GDPR). Unlike larger enterprises, SMEs are more likely to lack a clear roadmap to compliance. Many also cannot afford access to enterprise-grade cybersecurity technology. The EU-funded SENTINEL project will work to boost SME capabilities in this domain cost-effectively through innovation. It will integrate tried-and-tested modular cybersecurity technologies with fresh, ambitious ones, such as a novel identity management system for human-centric data portability. The aim will be to enable a unified European data space and an end-to-end digital personal data protection compliance self-assessment framework for SMEs.
Objective
Over 25 million European SMEs/MEs, central within EU enterprise policy, face multiple challenges related to personal data protection; ranging from awareness, to a clear and practical roadmap to compliance, the most prominent one is the fact that, unlike larger enterprises, SMEs/MEs lack access to enterprise-grade cybersecurity technology and capacity-building for compliance, making them increasingly often victims of costly data breaches. Although, according to studies, small and micro businesses declare openness to invest in regulatory compliance, including for consultants and technology, millions of European SMEs/MEs still fail to comply with GDPR while their managers are confused about basic data security concepts, like data stewardship, encryption and secure communication. This presents a clear gap between cybersecurity- and privacy-related spending and its actual effect in personal data protection compliance.
SENTINEL aspires to bridge this gap by boosting SMEs/MEs capabilities in this domain through innovation, at a cost-effective level. SENTINEL will integrate tried-and-tested modular cybersecurity technologies with fresh, ambitious ones, such as a novel Identity Management System for human-centric data portability, enabling a unified “European Data Space” and an end-to-end digital personal data protection compliance self-assessment framework for SMEs, into a unified digital architecture. The data from these modules will then undergo disruptive Intelligence for Compliance through SENTINEL’s digital core, featuring machine learning-powered recommendations, policy drafting & enforcement for compliance and a ‘one-stop-shop’ incident response centre. Combined with a well-researched methodology for application, an open knowledge sharing hub and a wide-reaching plan for experimentation, SENTINEL will catalyse adoption of market-leading security tech among SMEs/MEs and help safeguard their and their customers’ assets.
Programme(s)
- H2020-EU.3.7. - Secure societies - Protecting freedom and security of Europe and its citizens Main Programme
- H2020-EU.3.7.6. - Ensure privacy and freedom, including in the Internet and enhance the societal, legal and ethical understanding of all areas of security, risk and management
- H2020-EU.3.7.4. - Improve cyber security
Funding Scheme
IA - Innovation actionCoordinator
115 25 Athina
Greece
The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed.