GDPR: An Overview on Data Protection Regulation by EU Parliament

What is GDPR?

GDPR stands for general data protection law. It is a set of rules and regulations which is designed for European Union(EU) countries citizens to give more control over their personal data.

The European Parliament adopted GDPR in April 2016. It constitutes provisions and laws that require businesses to protect the privacy and personal data of EU citizens for all the transactions that placed within EU countries.

In Today’s Internet(tech) savvy world, almost everything revolves around data. from Social media companies, E-commerce businesses, to banks, Education and government sector, every service we use involves the collection and analysis of data to read consumer mind and buying behavior. They not only analyzed our personal data perhaps they might be stored.

What does GDPR compliance states?

Nowadays, As the data gets collected easily for being served, data breaches have become a big threat and can inevitably happen because information gets lost, stolen or may be released into the hands of wrong people, who are not intended to see it.

So under the regulation of GDPR, Every organization need to ensure that all the personal data gathered legally and under strict circumstances and those who collect and manage need to give assurance to protect it from any exploitation or misuse as well as respect the rights of data owners.

And soon after GDPR comes into effect, the organizations have to report certain kind of data breaches which involve any unauthorized access or loss of data and in some confidential or critical cases, they also need to inform the affected individuals.

On breaking any of these compliance they will have to face strict penalties by the law. That could be €20 million or 4% of the annual turnover(Whichever is greater) of the organization.

Who comes under GDPR rule?

GDPR rules are applicable to all the organization who is operating within the EU region as well as outside of the EU who works or offer their goods/services in the EU countries. So This directly means that almost every major corporation/organization around the world will have to be ready when GDPR comes into effect.

Important facts about GDPR

1. The personal data that comes under this rule include name, address, and photos. Along with that GDPR extended its definition of personal data which can further include IP addresses, web cookies, sensitive personal data for eg; genetic data and biometric data, which could also be manipulated to uniquely identify any individual.

2. The GDPR compliance will be applicable across the European Union from May 25th, 2018. So till then, all organizations are expected to be in effect with GDPR compliance and Every enterprise falling under the EU region or the organizations who serves in these regions should have a comprehensive GDPR compliance policy in place.

3. According to GDPR compliance companies need consent from the individual to process their information. They won’t be allowed to store the data for longer than necessary, and they must respond to requests from customers who want their data deleted under ‘Right to be forgotten’ act of GDPR

References:

www.gdpreu.org/compliance/fines-and-penalties

http://www.europarl.europa.eu/news/en/press-room/20160407IPR21776/data-protection-reform-parliament-approves-new-rules-fit-for-the-digital-era

https://iapp.org/media/presentations/A12_EU_DP_Regulation_PPT.pdf

Visit Us at Scideas Solutions

Scroll to Top