With the adoption of the new General Data Protection Regulation (GDPR) on 27 April 2016, there have been many questions and concerns as to what it is and what it means for individuals. The GDPR doesn’t take effect until 25 May 2018, but being properly informed and understanding it now is the best way to be prepared for the new regulation.
What is the GDPR? It is a regulation that the European Parliament, the Council of the European Union and the European Commission will use to strengthen and unify data protection for everyone within the European Union. It doesn’t just cover data within the EU, it will also address the export of personal data outside the EU as well.
Why do we need the GDPR? The main goal of the GDPR is to give individuals in the EU control over their personal data again. Another objective of the new regulation is to help simplify the regulatory environment for international business by unifying regulations within the EU. This is something the old data protection directive was not designed to do.
Post-Brexit, UK organisations that process personal data of individuals in the EU, will need to ensure their compliancy. This means developing clear policies and procedures that can protect personal data, while also creating effective technical and organisational measures.
What are some of the changes introduced by the GDPR? The General Data Protection Regulation introduces many new changes for organisations including:
- A broader definition of personal data.
- Children’s data will need a consent to receive.
- The rules for obtaining valid consent have also been changed.
- Some companies will require a data protection officer to become compliant.
- New data breach notifications requirements.
- Data subjects have the right to be forgotten.
- New international data transfers restrictions.
- Data processors are now responsible for protecting personal data.
- new data portability requirements.
- Processes must be built on the principle of privacy by design
If you want to be better prepared, contact Blue Door Software and let us help create your GDPR readiness strategy today.