The new EU regulation for Data Protection is already with us. It becomes a mandatory requirement in May 2018. This means you will need to start the transition immediately or face heavy fines of up to €20,000,000 or 4% of your global annual revenue!
Free GDPR Awareness Questionnaire
Are you ready?
General Data Protection Regulation
What is GDPR?
GDPR is a European Union (EU) regulation put in place in May 2016:
Repeals the Data Protection Directive (95/46/EC) from 1995
Expands the scope of personal information identifiers
Applicable in each EU member state and requires no local implementing legislation
Gives individuals right to control their personal information
Forces the businesses to provide transparent data processing and maintain individuals right to privacy
Imposes penalties on businesses in case of failure to do so
Organisations need to be compliant by May 25th 2018
Expand 'personal data' pool: Personal data definition now also includes genetic data, profiling information, IP address and data in cookies.
Non-EU impact: Regulations are applicable to anywhere where EU resident's personal data is processed or monitored.
Data Protection Officer (DPO): Organisation must have a qualified DPO, directly reporting to senior management.
Data Protection Impact Assessments: Privacy must be by default, designed into data processing and organisations must perform Data Privacy Impact Assessments.