GDPR stands for General Data Protection Regulation. It’s a European Union regulation that gives rights to EU subjects over the protection and privacy of all data collected about them and the movement of that data outside of the EU.
The regulation essentially gives specific rights to EU Subjects about the use, retention, and movement of their data. It became a law on May 25, 2018.
3 Important Terms Related to GDPR
A Citizen of the EU, in general residing in the EU when they provide their data to someone.
Generally the organization that collects and controls what happens with the data.
Generally the organization that follows the controller’s instructions to store, process, move, change, merge, publish or in other ways hands the EU Subjects data
…and an important concept
Subject Data, Personal Identifiable Information (PII) or Protected Health Information (PHI) is considered any data that can be tied back to a unique individual or combined with other information to tie back to an individual, such as…
GPDR gives significant power to EU Subjects of over the use of their data. GDPR gives EU Subjects
GDPR obligates companies:
Violations of GDPR by companies
This can effectively end a business’ operations.
How to comply with GDPR
- Protect PII/PHI.
Follow your company’s policies and procedures on safeguarding data.
- Don’t move data.
PII data should never be emailed, put into test systems, moved across international borders, or viewed across international borders.
- Involve your IT with software purchases.
That self-serve mail list program or customer service response software may transfer data or not store it per GDPR rules.
- Report all issues.
Lost laptops, accidentally emailed documents, thefts of anything holding data, suspected loss of passwords…all should be reported.
- Don’t assume data is not covered by GDPR because you know the customer or individual.
Customers or individuals may have unknown EU subject data. You can’t prevent people from typing things into webs forms and fields. GDPR is designed to case a wide net.
Together, we can keep the Internet safe. If you have any questions about GDPR or compliance, please contact us today for help.