What is the EU General Data Protection Regulation?
General Data Protection Regulation Defined:
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
On October 6, 2015, the EU’s highest court (ECJ) struck down the Safe Harbor Agreement between the US and the European Commission.
Many believe the EU will move forward with the General Data Protection Regulation (GDPR): “The EU General Data Protection Regulation (GDPR) was proposed in 2012 and aims to apply a single set of data protection rules across the European Union (EU) to protect user’s data.”
The new EU GDPR breach notification requirements mandate increased data monitoring, privacy data leak prevention and alerts.
SOME IMPORTANT POINTS REGARDING GDPR
- Vast “Personal” Data Pool: includes data from cookies, genetic data, and IP & MAC addresses.
- Data Profiling will probably require explicit consent from the subjects of profiles.
- PII may need explicit consent for collection and processing.
- Outside of the EU? Activities geared towards EU residents mean you are covered, even if they are carried out by non-EU entities.
- Data Protection Officers must be designated.
- Breach Notifications: Data authorities and consumers must be notified within 72 hours after the discovery of the breach.
- fines of up to 10,000,000 EUR or (for undertakings) 2% of total worldwide annual turnover (whichever is the greatest); or
- fines of up to 20,000,000 EUR or (for undertakings) 4% of total worldwide annual turnover (whichever is the greatest).[i]
GTB TECHNOLOGIES’ ABILITY TO VISUALIZE AND CONTROL SENSITIVE DATA WILL BE THE CRITICAL KEY TO AN EFFECTIVE GDPR STRATEGY