What does GDPR stand for?
GDPR stands for the General Data Protection Regulations and is the result of substantial work by the European Union to bring data protection into line with the advances in the way data is used today.
What the main drivers behind GDPR?
There are several reasons behind the new legislation. The European Union want to give people better control over how their data is used by organisations today as most of the current legislation was written before the Google/Social media age. In addition as the digital economy advances it is hoped that updated data protection regulations will improve confidence and trust across in these new ways of doing business across Europe.
Who Does GDPR Apply To?
The new GDPR regulations apply to processors and controllers of data relating to citizens who reside within the European Union. Processors can be described as the actual parties that do the processing of data, while controllers are those that decide how and why personal data is processed. It is important to understand that a processor could be a third party that this work is outsourced to, whist the Controller could be a company or Government body that mandates this work.
Are the new rules for EU Countries only?
The new GDPR regulations is a European Union initiative, but it doesn’t just apply to those countries in the EU. Even if controllers and processors of data are based outside of the area , if they are dealing with data belonging to European Union residents, then they will have to comply with the new Regulations. That that means any company doing business in the European Union will have to comply.
With the upcoming Brexit situation will GDPR apply to the UK?
It will still apply because the UK will not have left the EU by May 2018. It will also apply to any organisations operating UK post-Brexit who control or process any data that belongs to European Union residents.
Is full compliance needed by 25th May 2018?
Full compliance is needed . Any organisation failing to comply with the GDPR that will come into force on May 25 2018 face the possibility of fines. Organisations could be issued with a penalty of up to €20 million or 4% of global annual turnover, whichever is greater.