1. It is an EU regulation as of 27 April 2016, which gives EU citizens additional privacy and rights
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
2. GDPR is legally enforceable from 25 May 2018
3. GDPR imposes higher fines – 4% of annual global revenue or 20m euro, whichever is greater. Non-EU companies that process individual data will need to comply.
4. Key features
- Obtaining permission for processing personal data must be clear and must seek an affirmative response
- Data subject has the right to be forgotten and records erased
- Controllers must report a data breach within 72 hours, unless it is low risk
- Adequate contracts must be in place for processing data
5. Individual rights include
- Correction
- Consent
- Access
- Portability
6. Notification of Breach must include
- How many records exposed
- Any mitigating measures taken
- Categories of data breached
- Measures taken to prevent breach
- Risks to individuals
7. What is a breach?
A personal data breach means a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
8. GDPR will still apply despite Brexit
9. Regulator will have beefed up powers
- Warnings
- Reprimands
- Compliance orders
- Ban processing
- Fines
- Order suspension of data flows
10. You still have time – JUST
Start the process by auditing your data usage
Guide to The General Data Protection Regulation (GDPR)