GDPR for dummies
The new GDPR regulations can be hard to navigate. This article gives you a brief GDPR for dummies overview of some of the main issues, of which you should be aware prior to the application of the General Data Protection Regulation (GDPR).
What is GDPR?
The EU’s General Data Protection Regulation (GDPR) is the result of a lot of effort being put into creating transparency to help the right of individuals. The GDPR is a culmination of several new rules on how companies and other organisations are allowed to collect data from any EU residents. All organisations outside Europe also need to undertake these new rules when doing business.
The primary objective is to allow individual citizen to have control of their own personal data. Additionally, it is also an effort to simplify the regulatory environment for international business by unifying regulations within the EU.
Is your IT department doing what they should?
The GDPR will apply from the 25th of May 2018. While the majority of IT professionals are well aware of the of the earnestness of GDPR just under half of them are preparing for according to a survey by Imperva. If companies do not obey these rules they can face large fines varying from 4% of their annual revenue to €20 million depending which one is larger. This emphasises just how serious the GDPR should be taken.
Does GDPR apply to me?
The new regulations will apply to all ‘processors’ and ‘controllers’ of data. A data controller could be any organisations (from non-profit to a government or charity) who states why and how the personal data is being processed. The data processor could be any a third-party doing the actual processing of data for example an IT company doing the actual data processing.
What should I do before the GDPR comes into practise?
There are several online checklists to be found. We recommend having a look at the U.K. Information Commissioner’s Office checklist which highlights 12 steps you can take to begin preparing now for the GDPR. You can access the list here. However, the checklist dose not exclude the potential need for a lawyer or other professionals in order to ensure that your company is on track with the new regulations.