We look at how UK organisations can prepare for the General Data Protection Regulation.
On 28 May 2018, the EU's ambitious General Data Protection Regulation (GDPR) comes into force, with the aim of strengthening data privacy and protection for all EU citizens.
The regulation puts individuals firmly back in charge of their personal information and what happens to it. From sole traders working at home to giant multinational corporations, no one (except law enforcement and intelligence agencies) is exempt. But how well-prepared is the world?
The regulation places significant new structures upon organisations, including:
- Having to build privacy into systems by design (and switched on by default);
- Conduct regular privacy impact assessments; implement stronger consent mechanisms (particularly when processing data pertaining to minors);
- Follow stricter procedures for reporting data breaches;
- Document any use of personal data in far more detail than previously.
Read complete article on The Resilience Post