“Computer Services for the New Millennium” - afmargolies


What is the “EUROPEAN General Data Protection Regulation” (GDPR)

“The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy.”

Principles of Data Protection

The guiding principles are protection (two-way), accountability and openness.

The rules can be seen as following 6 themes (as outlined in the infographic here)

I believe that we often leave out of the picture the obligation to protect data from the point of view of maintaining it with attention to not losing it, i.e. backing it up correctly.

  1. Know what you have, and why you have it

  2. Manage data in a structured way

  3. Know who is responsible for it

  4. Encrypt what you wouldn’t want to be disclosed

  5. Design a security aware culture

  6. Be prepared – expect the best but prepare for the worst.

 


 Who does the GDPR affect?

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

What constitutes personal data?

Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
