What is it? A Data Protection Law.
The new General Data Protection Regulation (GDPR) is an EU directive that is designed to give citizens back control of their personal data. It replaces the Data Protection Directive 95/46/EC and was designed to harmonise privacy laws across Europe. It’s the biggest change to data protection / privacy law in a generation.
The law requires organisations to take measures to better protect personal information and gives new rights to individuals.
What is it Protecting? Personal & Sensitive Data.
Personal data is any information relating to an individual whether it be in in their private, professional or puplic life. It can be anything from a name, home address, photo, e mail address, bank details, posts on social networking sites, medical information or a PC’s Ip address.
Who is affected by the new directive?
Any organisation holding and/or processing personal information about clients, employees or suppliers are legally obliged to protect that information.
What is the difference between the old directive and GDPR?
The new law strengthens Data Protection. It includes enforcement powers e.g. fines particularly in the case of Data Breach. Previously, depending on how you handled data you could be exempt from the obligation to protect data.
If you would like to talk to anyone regarding the Security Aspects of this new regulation then please contact us here at Smooth IT.