Friday, July 27, 2018

General Data Protection Regulation



On the 25th of May 2018 the General Data Protection Regulation (GDPR) became the law of the land and the wider EU. If you haven’t noticed the effects of this new comprehensive regulation you will no matter what area of life you operate in. In this article I will give a very brief overview, to familiarize yourself fully with the GDPR please visit the site of the Data Protection Commissioner at http://gdprandyou.ie/  The Dail made 105 amendments to the regulation before passing it into law. You can download the full text of the act in pdf format by visiting https://www.oireachtas.ie/en/bills/bill/2018/10/

The Aims of The Regulation

Some but NOT all of primary aims of the regulation are:

#1 Make Companies, individuals, and organizations responsible and accountable for keeping personal information on any citizen of the EU including justifying why such information is recorded, how long they will retain it, and crucially the right of every EU citizen to know what information is being kept and have it corrected and/or deleted. Specific portions of the regulation are targeted at protecting minors.

#2 Provide for severe financial penalties for companies, organizations, and individuals where they are found to be in breach of the regulation.

#3 Elimination of complex or implied agreements to keep and pass on personal information.

#4 Provide a simple mechanism for citizens to register a complaint against any company, individual, or organization that they believe is in breach of the act.

#5 Require companies, individuals, or organizations to respond to citizen requests about personal data.

What Is Personal Data?
The regulation defines personal data as any information which can identify an individual or pertains personally to that individual and includes photographs and video.

The Reach of The Regulation
 GDPR applies to any company, individual, or organization who records personal data on EU citizens regardless of where these entities are located inside the EU or in non EU countries.  Thus a company located in the United States of America who holds personal data on EU citizens is subject to the regulation.

Next month based on your feedback I may continue on this subject
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)