GDPR White Paper
GDPR in a nutshell
- Is a new regulation aimed at strengthening and harmonizing data protection laws for individuals
- Goes into effect May 25th 2018
- Individuals now have the right to be forgotten, to access and to receive a copy of their personal data
- Companies need to report a data breach within 72 hours
- Serious infringements can result in fines up to 20 m € or 4% of the global annual turnover, whichever is greater
- Companies are responsible
- Companies that depend on processing personal information may need to designate a DPO
- Introduces DPIA (Data Protection Impact Assessment) to identify high risks to the privacy of individuals
- Data protection by design and by default
- Companies have to implement appropriate technical and organizational measures to ensure a high level of security