What is GDPR

9th Monday, 2018  |  Blog  |   no comments

GDPR is the next evolution of the EU’s existing Data Protection Directive (DPD). GDPR is uniform law across the EU and beyond, with new requirements for documenting IT procedures, performing risk assessments, strict rules on data loss notifications, and minimisation of data collection.

DGPR aim at establishing a single law to enforce the right to personal data protection. It legislates common sense data security ideas, from the Privacy by Design (PbD) school of thought: minimise collection of personal data, delete personal data that’s no longer necessary, restrict access, and secure data through its entire lifecycle.

What type of data is protected?

Personal data.  Think names, addresses, phone numbers, account numbers, and more recently email and IP addresses.

Who does it affect?

The GDPR applies to EU based companies and companies that collect data of EU citizens, regardless of their physical presence in the country.

How does it affect you?

It means there are new regulations and requirements for collecting, recording, and storing personal data and processing activities, new regulations on breach notifications, penalties on violations, and more.

What are the new requirements?

Privacy by Design – The GDPR has formalised principles of Privacy by Design (PbD) into their regulations including minimising data collection and retention, and gaining consent from consumers when processing data.

Fines

Serious infringements can merit a fine of up to 4% of a company’s global revenue. These infringements can include violations of basic principles related to data security — especially PbD principles. A lesser fine of up to 2% of global revenue can be issued if company records are not in order, or if the supervising authority and data subjects are not notified after a breach.

For more information on DGPR, click  here

Pegasus Personal Data Search

On the back of GDPR and its enforcement date of the 25TH May 2018, Pegasus have produced the Personal Data Search module to help customers process Subject Access Requests (SAR). The Personal Data Search utility will enable customers to gather the personal data they hold on an individual in Opera 3 and produce a report, export to Excel or save into a .csv file, in order to answer SARs easily.

For more information on this module click here