What is GDPR and why it is important ?

  • Many of you are getting emails from Twitter, Gmail, Facebook and others about a change in their privacy and data policies
  • The emails and changes are a result of the upcoming GDPR in the European Union that will impact every company that deals with any data in the EU.
  • The General Data Protection Regulation(GDPR) is a set of rules that will come into effect in the European Union on May 25, 2018
  • The aims of the GDPR are: 1)To reinforce data protection rights of individuals 2)Facilitate the free flow of personal data in the digital market
  • 3) Reduce the administrative burden.
  • GDPR applies globally and companies outside the EU will have to comply with the regulation if they process EU persons’ personal data
  • Key aspects of GDPR will be -Hefty penalties, Expanded scope, Mandatory appointment of Data Protection Officers (DPOs)
  • Under GDPR , Notify supervisory authority of data breaches “without undue delay” or within 72 hours,
  • Data protection safeguards must be built into products and services from the earliest stage of development
  • Organizations will need to ensure that they retain personal data only for as long as necessary to achieve the purposes for which the data was collected