Consulting Services General Data Protection Regulation (GDPR)
The new EU regulation for Data Protection is already with us. It becomes a mandatory requirement in May 2018. This means you will need to start the transition immediately or face heavy fines of up to €20,000,000 or 4% of your global annual revenue!
Free GDPR Awareness QuestionnaireAre you ready?General Data Protection Regulation What is GDPR?
GDPR is a European Union (EU) regulation put in place in May 2016:
Repeals the Data Protection Directive (95/46/EC) from 1995
Expands the scope of personal information identifiers
Applicable in each EU member state and requires no local implementing legislation
Gives individual's the right to control their personal information
Forces businesses to provide transparent data processing and maintain individual's right to privacy
Imposes penalties on businesses in case of failure to do so
Organisations must be compliant by May 25th 2018
Expand 'Personal Data' Pool: Personal data definition now also includes genetic data, profiling information, IP address and data in cookies.
Non-EU impact: Regulations are applicable to anywhere where an EU resident's personal data is processed or monitored.
Data Protection Officer (DPO): Organisation's must have a qualified DPO, directly reporting to senior management.
Data Protection Impact Assessments: Privacy must be, by default, designed into data processing and organisations must perform Data Privacy Impact Assessments.