GDPR (General Data Protection Regulation) & JumpCloud


There has been a lot of talk about an upcoming change to European data protection law, and you might find yourself asking, what is the General Data Protection Regulation? The General Data Protection Regulation (GDPR) is replacing the European Union (EU) Data Protection Directive (Directive 95) that was established in 1995. The world has seen some significant technological changes since 1995, so the mission behind the GDPR is to protect EU citizens from privacy and data breaches. This post will go over some of the general key changes with the GDPR. If you are interested in reading the entire regulation for yourself, you can find it here.

Key Changes

WiFI authentication RADIUSWho has to Comply and What Kind of Data is Protected?

Unlike the previous legislation, which was just a directive, the GDPR is a regulation. That means that all companies that process data in the EU must comply. Complying with the GDPR is required for two types of organizations that handle personal data, and the GDPR has termed these two types as controllers and processors. Controllers are those that determine the reason, the purpose, and conditions for collecting personal data. Processors are those that process data on behalf of a controller. Even if a company’s headquarters or data centers are not in the EU, they need to comply with GDPR if they process any type of personal data from EU citizens. Organizations that don’t comply could be fined up to 4% of global annual turnover or up to $23.6 million dollars, whichever is higher.

So what kind of personal data does GDPR protect? The following list includes the types of personal data that is protected under GDPR (CSO):

  • Basic identity information such as name, address and ID numbers
  • Web data such as location, IP address, cookie data and RFID tags
  • Health and genetic data
  • Biometric data
  • Racial or ethnic data
  • Political opinions
  • Sexual orientation

In addition to expanding the scope of which companies need to comply and what kind of data is protected, the GDPR also clarifies the rights EU citizens have over their personal data.

EU Citizen (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at:

Natalie Bluhm

Natalie is a writer for JumpCloud, an Identity and Access Management solution designed for the cloud era. Natalie graduated with a degree in professional and technical writing, and she loves learning about cloud infrastructure, identity security, and IT protocols.

natalie-bluhm has 171 posts and counting.See all posts by natalie-bluhm