We are all probably familiar with the term GDPR by now; if not, you probably have hundreds of unread emails in your inbox about updated privacy policies from every account you signed up for. GDPR stands for General Data Protection Regulation. As per Wikipedia:
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
What is covered under GDPR and what is not? IMO one could write a whole book about it, but I will try to explain it in simple terms.
What is GDPR?
Personal details such as IDs, birthdays, addresses, account numbers, health records and other sensitive information are everywhere, in the hands of the partners and vendors we work with every day.
Because all this information is out there, we as individuals have to trust those parties to handle it securely. When they don't, data breaches can cause inconvenience, cost time and money, and hurt reputations.
The European Union leads the way with the GDPR to keep information safe and protect the rights of real people, customers and partners around the world.
Following are some key highlights:
Individual Rights
Under the personal privacy section, individuals have the right to:
- Data Transparency
- Full access to data
- Rectification of data
- Erasure of personal data
- Opt out of or object to processing at any time
Organizations Responsibilities
Organizations will need to:
- Protect all personal data of any kind
- Determine the purpose and methods that will be used for processing the data; organizations are also responsible for any errors involving third parties
- Get individuals' consent for data processing
- Be completely transparent about how and why they are using an individual's data
- Notify individuals and authorities of any data breaches
Your Responsibility
As a working professional, how do you identify whether you are compliant with GDPR? Ask yourself the following questions:
- Do I have permission to use this data?
- How can I protect this data?
- What should I do if data is at risk?
By asking these questions, you will fulfill your responsibility and stay compliant with GDPR.
Hope this post helps you understand GDPR fundamentals.
About DataNext
DataNext Solutions is a US-based system integrator specializing in Cloud, Big Data and DevOps technologies. As a registered AWS partner, our services comprise Cloud Migration, Cost Optimization, Integration, Security and Managed Services. Visit our website www.datanextsolutions.com for more info.