Personal Development Category (English)728x90

10 things you should know about GDPR

Disclosure: This page uses affiliate links.When you click an affliate link,we get a small compensation at no cost to you.Thanks for your support!Learn more

At this point you might be aware, GDPR – the General Data Protection Regulation for all individuals within the European Union takes effect on 25 May 2018.In this post,we take look at some important points you should know about GDPR.

#1.What is GDPR ?

GDPR stands for General Data Protection Regulation, and refers to the European Union regulation for data protection for all individuals within the European Union.The regulation (Regulation (EU) 2016/679) becomes enforceable on 25 May 2018 and replaces the data protection directive (officially Directive 95/46/EC) from 1995.

#2.Who does it Affect ?

Any individual or organisation that stores or processes personal information on an identifiable person from an EU member state (regardless if the processing or storage of information occurs in the EU or not) are affected by GDPR. GDPR rules also applies if the individual or organisation themselves is located in an EU member state.

#3.Does it apply only to organisations within EU ?

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects.

#4.What is personal data ?

Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

#5.What if I don’t comply ?

Under GDPR organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements e.g.not having sufficient customer consent to process data or violating the core of Privacy by Design concepts.

Subscribe to Emails

More than 100,000 subscribers across the world trust & read Upnxtblog articles. Subscribe to emails updates!
* indicates required

#6.If I store data or process data in Cloud,would I be exempt ?

Both controllers and processors (clouds etc.,) are within GDPR enforcement.A controller is the entity/organisation that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity/organisation which processes personal data on behalf of the controller.

#7.Is there any changes related to consent ?

Conditions for consent have been strengthened.Also parental consent would be required to process the personal data of children under the age of 16 for online services.

#8.Appointment/Role of Data Protection Officer

DPOs must be appointed in the case of: (a) public authorities, (b) organizations that engage in large scale systematic monitoring, or (c) organizations that engage in large scale processing of sensitive personal data.  For others,DPO appointment is not mandated.

Devops Engineer Masters Program will make you proficient in DevOps principles like CI/CD, Continuous Monitoring and Continuous Delivery, using tools like Puppet, Nagios, Chef, Docker, Git & Jenkins. It includes training on Linux, Python, Docker, AWS DevOps Certification Training and Splunk. The curriculum has been determined by extensive research on 5000+ job descriptions across the globe.
New customer offer! Top courses from $13.99 when you first visit Udemy

DPO appointment will be mandatory only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences.

#9.Data breaches should be notified within 72 hours

Data breaches which may pose a risk to individuals must be notified to the DPA within 72 hours and to affected individuals without undue delay.

#10.Privacy by Design

Recover over 700 unique file formats. Fully recover documents, emails, photos, videos, audio files and more. Supports 8 different data lost scenarios: deleted files recovery, recycle bin recovery, formatted drive recovery, lost partition recovery, externa

GDPR calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition. Article 23 calls for controllers to hold and process only the data absolutely necessary for the completion of its duties , as well as limiting the access to personal data to those needing to act out the processing.

It is important to note that the GDPR is a regulation, in contrast the the previous legislation, which is a directive.

Like this post? Don’t forget to share it!

Additional Resources

10 things you should know about GDPR
Article Name
10 things you should know about GDPR
In this post,we take look at some important points you should know about GDPR.GDPR stands for General Data Protection Regulation, and refers to the European Union regulation for data protection for all individuals within the European Union.
Publisher Name
Publisher Logo

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: