
What is GDPR Compliance

Overview

This article provides a brief introduction to the General Data Protection Regulation (GDPR), which was ratified by the European Union in April 2016. GDPR went into effect on May 25, 2018. All organizations outside the European Union are subject to this regulation when they collect data concerning any European Union citizen.

What is GDPR Compliance? 

GDPR was designed to give individuals better control over their personal data and to establish one single set of data protection rules across Europe. Personal data is defined as any information relating to an identified or identifiable natural person. This includes online identifiers, such as IP addresses and cookies, if they are capable of being linked back to the data subject. This also includes indirect information, which might include physical, physiological, genetic, mental, economic, cultural or social identities that can be traced back to a specific individual. There is no distinction between personal data about an individual in their private, public, or work roles. All of it is covered by this regulation. GDPR impacts people, process, and technology.

Here is a list of requirements for data processors: 

  • Implement a data breach plan
  • Ensure total transparency of data collection and what you do with it
  • Control employee data access
  • The right to erasure/right to be forgotten, for which controllers are obligated to erase personal data without undue delay
  • The data subject has given consent to the processing
  • Documented vendor management policies and procedures in place
  • Appoint a Data Protection Officer

Do I need to be GDPR Compliant? 

If you or any organization processes any data from any citizen or business from the European Union, you must be GDPR compliant.

  1. Fastcomcorp
