What is GDPR (General Data Protection Regulation) Compliance?
Table of contents
1. Introduction
1.1 What is the GDPR (General Data Protection Regulation) compliance?
1.2 History and evolution of GDPR (General Data Protection Regulation)
1.3 Language under the provision of GDPR (General Data Protection Regulation)
1.4 Scope of GDPR (General Data Protection Regulation)
- Bottom-line Conclusion.
1. Introduction:
GDPR stands for General Data Protection Regulation. It is one of the toughest data privacy laws in the world and applies across the globe wherever the data of EU (European Union) residents is concerned.
The regulation was drafted and enacted by the EU Parliament and came into force on May 25, 2018.
It replaces the earlier European Data Protection Directive of 1995.
1.1 What is the GDPR (General Data Protection Regulation) compliance?
Under the provisions of the GDPR, companies/organizations are bound to fulfill the following compliance requirements when dealing with individuals' personal data.
- A company may need a DPO (data processing officer) if the company/organization processes a large volume of data.
- A transparent audit must be maintained of all data collected and processed.
- Consent of the data subject (the individual whose data is being collected or processed).
- Do not infringe the rights of the data subject. These include: access to the data, the right to correction of data, the right to be forgotten, and the right to restrict the processing of data.
- Security measures: effective security measures should be in place to protect data from unauthorized access or disclosure.
- Notification must be given of a data breach if an individual's data is compromised.
- Transfer of data: when transferring data globally outside the European Union, effective safeguard measures must be taken.
1.2 History & evolution.
As per the European Union Convention on human rights, “Everyone has the right to respect for his private and family life and his home and his correspondence”.
Over time, technology progressed and a modern law relating to privacy was needed. Hence, in 1995 the European Union introduced the Data Protection Directive.
As technology spread more widely after 2000, the EU realized that the Data Protection Directive needed to be replaced with a new and more comprehensive privacy law/regulation. Thus the GDPR came into existence in 2016, drafted by the EU Parliament, and the regulation finally came into force on May 25, 2018.
1.3 Language.
The GDPR uses the following terms:
- Personal data: the identity of an individual, place of residence, email address, phone number, IP address, location, etc.
- Data subject: the individual whose personal data is being collected or processed.
- Data controller: the company/entity that determines the purpose and means of processing personal data.
- Data processor: the person or entity that processes personal data on behalf of the data controller.
1.4 Scope & applicability
Although the GDPR was drafted and enacted by the EU Parliament, the applicability of this regulation extends beyond the territorial jurisdiction of the European Union.
It applies to companies/organizations if they target or monitor EU citizens.
In conclusion
Overall, this comprehensive data protection regulation/law aims to protect the individual’s right to privacy. Such rights are fundamental and need to be protected, especially in this evolving era of technology.