On 25th May 2018, the GDPR officially becomes law, strengthening the fundamental right to privacy for people living in the EU. The regulation mandates operational and technological controls to protect against data violations, and grants individuals new rights in the treatment of their personal data. Any company that wants to do business with European residents must comply with the GDPR.
By giving European consumers the power to control how their data is used, the GDPR drives businesses all over the world to revisit their data handling policies. Sectors like banking and healthcare have been forerunners in defining their own data-handling laws. With the coming of the GDPR, other businesses now have a broader sense of how personal data should be treated. Businesses have an opportunity to fortify their data protection policies according to their needs. In short, the GDPR underpins data governance, letting all kinds of businesses define data protection rules specific to them.
TREATMENT OF PERSONAL DATA
Companies that fail to adhere to GDPR guidelines after the enforcement deadline of May 2018 can incur heavy fines of up to €20m or 4% of annual global turnover, whichever is greater.
DATA PROTECTION OFFICER (DPO)
The DPO is responsible for informing employees of their compliance obligations as well as conducting monitoring, training, and audits required by the GDPR. A DPO needs to be appointed if you:
DATA BREACH
In the event of a data breach, controllers are required to notify the relevant Data Protection Authority (DPA) within 72 hours of the occurrence. If the breach poses a high risk to the rights of the data subject, controllers also need to notify impacted data subjects without delay. Similarly, data processors are required to notify data controllers of the breach without undue delay.
Organisations must prove they are accountable by:
PRIVACY IMPACT ASSESSMENTS
Businesses conducting risky or large scale processing of personal data must:
INDIVIDUAL’S NEW RIGHTS
PRIVACY BY DESIGN AND DEFAULT