Knock, knock. Who’s there? GDPR (General Data Protection Regulation)

GDPR who? GDPR (General Data Protection Regulation) problem to solve.

Maybe you’ve never heard of GDPR (General Data Protection Regulation) until today. It definitely will not be the last time.

This new game-changing regulation, issued by the European Union (EU), entered into force on May 24, 2016 and will be enforced starting May 25, 2018. Yes! One year from now! After a four-year process, the EU modernized the previous rules established in 1995. The text, at 200 pages and 99 articles, is pretty hard to approach, which makes it difficult to apply. In October 2016, the newspaper “La Tribune” stated that 92.6% of enterprises within France, Germany and the United Kingdom still did not clearly understand GDPR.

  • GDPR stands for General Data Protection Regulation
  • Scope: As defined by the EU, it sets out the rights of the individual and establishes the obligations of those processing and those responsible for the processing of the data. It also establishes the methods for ensuring compliance as well as the scope of sanctions for those in breach of the rules.

What data is the GDPR protecting?

  1. The EU is protecting “natural persons” and is extending this notion of protection to the processing of “personal data.”
  2. The protections apply to natural persons, whatever their nationality or place of residence, in relation to the processing of their personal data.
  3. What is protected in particular: the respect for private and family life, home and communications, the protection of personal data, freedom of thought, conscience and religion, freedom of expression and information, freedom to conduct a business, the right to an effective remedy and to a fair trial, and cultural, religious and linguistic diversity. 
  4. The other objective of this regulation is to ensure the free flow of personal data between the Member States. 

What GDPR is not

GDPR is neither a norm nor a standard. No person and no product can be GDPR certified. Also, compliance with GDPR is a combination of organizational and technical solutions. The EU is pushing industries to create codes of conduct and States to create certifications and labels ensuring compliance. Nothing exists for now.

Next episodes

Check out more information on GDPR here.

Sources:
The official text: http://eur-lex.europa.eu/legal-content/en/TXT/PDF/?uri=CELEX:32016R0679
The GDPR homepage at EU: Reform of EU data protection rules
The Wikipedia page: GDPR