Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security
Uploaded by Harun Seker

gdpr

advertisement 
What is GDPR?
Why was GDPR created?
With data collection more prevalent than ever,
and data breaches becoming all too common,
the GDPR addresses a crucial necessity for
additional regulations. By default, it establishes
data protection as a fundamental right for
residents of the EU, requiring that all data
collectors, regardless of their location, adhere
to a modern set of guidelines that prioritizes the
privacy of individuals.
What is personal data?
Article 4 of the GDPR defines personal data as:
“any information relating to an identified or
identifiable natural person (‘data subject’); an
identifiable natural person is one who can be
identified, directly or indirectly, in particular by
reference to an identifier such as a name, an
identification number, location data, an online
identifier or to one or more factors specific
to the physical, physiological, genetic, mental,
economic, cultural or social identity of that
natural person;”
What does the GDPR require
of organizations?
In order to comply to the full scope of the GDPR,
it is recommended that organizations seek legal
counsel. At a minimum, here are a few high-level
action items:
•
Get consent. A data controller must be able
prove that consent was given by the data
subject.
•
Conduct a Data Protection Impact
Assessment. It’s important to assess the
privacy risks of processing personal data of
individuals.
•
Appoint a data protection officer. This person
is responsible for overseeing compliance and
data protection strategies.
•
Implement technical and organizational
measures to safeguard data. Organizations
must utilize technical measures (such as
encryption) as well as procedural measures
(such as awareness training).
•
Be prepared to report data breaches. Under
the GDPR, organizations must report a breach
within 72 hours.
Failure to comply.
Organizations that fail to comply will face
significant fines—as high as four percent of the
organization’s annual revenue. Furthermore,
individuals may take action against any entity
that improperly handled personal data.
© The Security Awareness Company, LLC.
GDPR (General Data Protection Regulation)
is hailed as one of the toughest privacy and
security laws in the world, the GDPR went into
effect on May 25, 2018, setting new standards
for how organizations should handle personal
data of European Union citizens. The goal of
the law is to maximize the privacy and rights of
those citizens, and give EU authorities power to
enforce the law with sanctions and heavy fines.
Related documents
GDPR Audit report
GDPR Audit report
Smart words
Smart words
BUS 446 Political Legal EnvironmentS
BUS 446 Political Legal EnvironmentS
ECONOMIC GROWTH NOTES
ECONOMIC GROWTH NOTES
Why does data protection in physical security systems matter?
Why does data protection in physical security systems matter?
notes on global privacy regimes
notes on global privacy regimes
What is a CMS Assignment
What is a CMS Assignment
- GDPRterritorial scope of application- FEDERICO MARENGO
- GDPRterritorial scope of application- FEDERICO MARENGO
How GDPR Will Transform Digital Marketing
How GDPR Will Transform Digital Marketing
Privacy notice - customers, website and app users
Privacy notice - customers, website and app users
GDPR NOTES
GDPR NOTES
Decoding GDPR Roles and Responsibilities
Decoding GDPR Roles and Responsibilities
Download
advertisement