GDPR
(GENERAL DATA PROTECTION REGULATION)
THE REGULATION THAT OBLIGES TO PROTECT DATA IN COMPANIES
THE NEW EUROPEAN GENERAL DATA PROTECTION REGULATION
The GDPR is the new European data protection regulation which came into full effect on 25th May 2018 and requires companies to deploy tools to control and handle specific procedures of client
The GDPR applies to all national organizations, both public and private, that process data of EU citizens, and all those in breach of this directive may be fined up to €20 Million or 4% of their annual global turnover.
What you should know
- The GDPR is already in full effect as of may 2018. Your organization must be in conformity with it.
- The aim of the GDPR is to “harmonize” data protection legislation across all Europe and to eliminate the differences between EU legal systems;
- According to the GDPR “personal data” is all information that, directly or indirectly, allows to identify an individual.
- The IP addresses, location data and other aspects that may identify a person are encompassed by the GDPR;
- The regulation is supported by a self-regulated model, leaving the responsibility of interpretation and operationalization to the individual organizations.
- A correct application of the GDPR may require nominating a DPO (Data Protection Officer) and appointing a team with technical and legal know-how about the new regulation.
INFOSISTEMA CAN HELP
The EU GDPR focuses on the relevance of personal data protection as a core issue in the management of organizations. Therefore, the preparation of a corporate governance model that will help adopt and comply with all recommendations and demands (such as policies, accountability frameworks, monitoring and control processes and mechanisms) is vital.
Support the development of a corporate governance model
Perform the integrity assessment