GDPR has been enacted to better protect citizens’ fundamental privacy rights in the digital age,and address concerns regarding diversity of data protection laws.
Beginning in May 2018, the GDPR will require many organizations to more effectively manage and protect data on customers, citizens and staff and others. This regulation applies to EU data subjects, regardless of nationality or residence, to provide principles and rules on the protection of personal data.
With GDPR being a “principles” based regulation, this means organizations must consider what obligations they may, or may not, need to meet given the unique circumstances of their business and use of data. Many organizations will therefore need to create an interpretation of these principles to help guide and steer their GDPR initiative.
The GDPR will require many organizations to better understand how they will utilise their current and future information assets to comply with these new data privacy principles. This will have an impact on the people, the processes, the technology and the data management practices and policies for many organizations.
General Data Protection Regulation (GDPR)
