What is the GDPR?

The General Data Protection Regulation, (GDPR) requires organizations to protect personal data and the privacy of European Union (EU) citizens on transactions occurring within EU member states. Effective May 25, 2018, this regulation replaces the data protection directive from 1995, and consists of 99 articles, adding responsibilities and in some cases new roles to organizations. 

Essentially, data protection will become a fundamental right and this regulation not only protects the rights and freedom of that data,  but it also:

  • Defines the process/steps dataholders must take to protect data
  • Stresses enforcement expectations of the GDPR
  • Allows for larger fines to be enforced
  • Requires disclosures for data security breaches

Personal data, as defined by the GDPR,  is any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a (Read more...)