GDPR implementation
What does GDPR stand for?
GDPR=General Data Protection Regulation. Auf Deutsch, EU-DSGVO=EU-Datenschutz-Grundverornung.
En Français, RGPD= Règlement Général sur la Protection des Données.
How did it come about?
In January 2012, the European Commission set out plans for data protection reform across the European Union in order to make Europe 'fit for the digital age'. Almost four years later, an agreement was reached on what that involved and how it will be enforced.
One of the key components of the reforms is the introduction of the General Data Protection Regulation (GDPR). This new EU framework applies to organizations in all member-states and has implications for businesses and individuals across Europe, and beyond.
"The digital future of Europe can only be built on trust. With solid common standards for data protection, people can be sure they are in control of their personal information,"
What is GDPR?
At its core, GDPR is a set of rules designed to give EU citizens more control over their personal data. It aims to simplify the regulatory environment for business so both citizens and businesses in the European Union can fully benefit from the digital economy.
The reforms are designed to reflect the world we're living in now and bring laws and obligations - including those around personal data, privacy, and consent - across Europe up to speed for the internet-connected age.
Fundamentally, almost every aspect of our lives revolves around data. From social media companies to banks, retailers, and governments -- almost every service we use involves the collection and analysis of our personal data. Your name, address, credit card number and more all collected, analyzed and, perhaps most importantly, stored by organizations.
What is GDPR compliance?
Data breaches inevitably happen. Information gets lost, stolen or otherwise released into the hands of people who were never intended to see it -- and those people often have malicious intent.
Under the terms of GDPR, not only organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners - or face penalties for not doing so. Administrative fines up to 20 000 000 EUR or up to 4% of the total worldwide annual turnover (Art. 83 al.5 GDPR).
Questions?
If you have questions about the GDPR implementation or the GDPR training of your employees, please contact me directly.