Organizations need to comply with the General Data Protection Regulation (GDPR) by May 25, 2018. Here are seven top-level changes that will directly affect how you handle data:
- Even if your business is not in the EU, you will still have to comply with the Regulation if you handle the personal data of EU residents.
- The definition of personal data is now broader, encompassing factors such as an individual’s mental, economic, cultural, and social identity.
- You must obtain clear and affirmative consent to the processing of personal data, and consent will be necessary to process children’s data.
- A data protection officer (DPO) will be mandatory for certain companies.
- You must perform a data protection impact assessment before undertaking higher-risk data processing activities.
- You will have 72 hours to report a data breach.
- Data subjects have the ‘right to be forgotten’.
Learn the basics of the GDPR and how it affects you
We’re now running GDPR Foundation classroom training in the US, with classes in Boston and New York. It covers:
- The essential GDPR background and terminology
- The six data protection principles
- The rights of data subjects, including data access requests
- The obligations on controllers and processors
- Data protection by design.
Can’t get to Boston or New York?
You can take the GDPR Foundation course at home with our Live Online or distance learning options.