General Data Protection Regulation and Performance
Gdpr, Law, Performance, Text. Posted May 27, 2018. 1147 words.
The General Data Protection Regulation (GDPR) is now in effect, although given how many emails various companies have sent you asking for consent, you are probably already well aware. I am not a lawyer, but in a nutshell the GDPR requires:
- Lawful, fair, and transparent data processing
- Limitation of purpose, data, and storage to what’s strictly necessary
- Rights for data subjects to know, view, amend, object, complain, or delete their data
- Active consent to data collection by the data subject or a parent/guardian
- Disclosure of data breaches within 72 hours to the data subject and the regulator
- Data protection and privacy by default
- Performing data protection impact assessments when required
- Accountability on data transfer
- A data protection officer if significant data is processed
- Awareness and training about data protection
Reading the requirements, this may inconvenience some large, slow-moving organisations, but it seems like a win for data subjects (i.e. 99% of people). Unlike cookie consent, this legislation has teeth, with fines of up to twenty million euros or 4% of global turnover. Read the full text.