What you need to know about GDPR


The concept of data protection has been around for many years, since the UK first implemented a Data Protection Act in 1984. The General Data Protection Regulation (GDPR) is a piece of legislation drawn up by the European Commission to unify data protection within the EU and to govern the export of personal data beyond the EU’s boundaries.

GDPR is due to come into force across the EU in May 2018 following a two-year transition period. Being a regulation rather than a directive, it doesn’t require enabling laws to be passed by member states.

Businesses and public sector organizations are collecting more data about us than ever before. Our shopping and surfing habits are constantly analyzed in order to target us with appropriate advertising and offers. As the Internet of Things expands, the amount of information collected will continue to grow.

With all this information about us being held on computer systems there are, naturally, concerns about how it’s used and how safely it is stored. Since much of the information is collected by multi-national enterprises there are worries about where it might end up too.


What Will GDPR Do?

Because data protection concerns stretch across national boundaries, the introduction of GDPR seeks not just to regulate data within the EU. It seeks to extend EU data protection law to any organization holding information on EU citizens, even if that organization is based outside the EU.

It sets out a number of principles which are broadly similar to those already enshrined in the UK’s Data Protection Act. These are aimed at ensuring that data is gathered for legitimate purposes, that only data needed for those purposes is held, that the data is fairly and lawfully processed, and that it isn’t held for longer than necessary.

In order to make it easier for overseas companies to comply with the principles, GDPR will also harmonize data protection requirements across the European Union. Penalties of up to four per cent of global turnover can be levied on businesses that fail to comply. Each EU member state will have to set up an Independent Supervisory Authority to investigate complaints and determine penalties. These will be overseen by a European Data Protection Board (EDPB).


Businesses will need to be able to demonstrate that they comply with the principles. To do this they’ll need to have documentation in place that shows how they’re processing data. They may also need to appoint a data protection officer.

GDPR gives individuals a number of rights too. These include rights of access to and rectification of data, a right to restrict processing and a right to data portability. It also imposes a "right to erasure" which allows for data subjects to request that data relating to them is erased on various grounds including withdrawal of consent and unlawful processing.

 


