Understanding the EU's new General Data Protection Regulation (GDPR)
In 2016, the European Union approved its General Data Protection Regulation to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of May 25, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry.
Fines can be up to €20M or 4 percent of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
- The principles that organizations that use personal data need to adhere to
- The consequences organizations can face if that do not adhere to this new regulation
- How your organization can prepare for the future