1 Mar, 2018
Does your organisation comply with the new data protection rules?
What is the GDPR?
The EU’s General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.
Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.
When will the GDPR apply?
READ MORE ON THIS ARTICLE BY FOLLOWING THE HIGHLIGHTED LINK ABOVE.
The GDPR will apply in all EU member states from 25 May 2018. Because GDPR is a regulation, not a directive, the UK does not need to draw up new legislation – instead, it will apply automatically. While it came into force on 24 May 2016, after all, parts of the EU agreed to the final text, businesses and organisations have until 25 May 2018 until the law actually applies to them.
While the overwhelming majority of IT security professionals are aware of GDPR, just under half of them are preparing for its arrival, according to a snap survey of 170 cybersecurity staff by Imperva.