10 things you should know about GDPR

As you may already be aware, GDPR, the General Data Protection Regulation for all individuals within the European Union, takes effect on 25 May 2018. In this post, we take a look at some important points you should know about GDPR.

#1. What is GDPR?

GDPR stands for General Data Protection Regulation, and refers to the European Union regulation for data protection for all individuals within the European Union. The regulation (Regulation (EU) 2016/679) becomes enforceable on 25 May 2018 and replaces the data protection directive (officially Directive 95/46/EC) from 1995.

#2. Who does it affect?

Any individual or organisation that stores or processes personal information on an identifiable person from an EU member state (regardless of whether the processing or storage of information occurs in the EU or not) is affected by GDPR. GDPR rules also apply if the individual or organisation itself is located in an EU member state.

#3. Does it apply only to organisations within the EU?

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects.

#4. What is personal data?

Personal data is any information related to a natural person, or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

#5. What if I don’t comply?

Under GDPR, organizations in breach can be fined up to 4% of annual global turnover or €20 million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements, e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts.

#6. If I store or process data in the cloud, would I be exempt?

Both controllers and processors (clouds etc.) are within GDPR enforcement. A controller is the entity/organisation that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity/organisation which processes personal data on behalf of the controller.

#7. Are there any changes related to consent?

Conditions for consent have been strengthened. Also, parental consent would be required to process the personal data of children under the age of 16 for online services.

#8. Appointment/Role of Data Protection Officer

DPOs must be appointed in the case of: (a) public authorities, (b) organizations that engage in large scale systematic monitoring, or (c) organizations that engage in large scale processing of sensitive personal data. For others, DPO appointment is not mandated.

DPO appointment will be mandatory only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences.

#9. Data breaches should be notified within 72 hours

Data breaches which may pose a risk to individuals must be notified to the DPA within 72 hours and to affected individuals without undue delay.

#10. Privacy by Design

GDPR calls for the inclusion of data protection from the onset of the designing of systems, rather than as an addition. Article 23 calls for controllers to hold and process only the data absolutely necessary for the completion of their duties, as well as limiting the access to personal data to those needing to act out the processing.

It is important to note that the GDPR is a regulation, in contrast to the previous legislation, which is a directive.

Published by Karthik, Upnxtblog