The European Union General Data Protection Regulation, commonly known as the GDPR, can be touted as the most stringent amendment to data privacy laws in the European Union. Due to come into effect in just over a year (on May 25, 2018), it introduces penalties on data controllers and data processors for not complying with reasonable cybersecurity practices. The GDPR keeps most of the principles from the 1995 Directive, but it also includes new principles, such as a requirement for data portability and the right to be forgotten.
This document goes over the key implications of the GDPR to help organisations in the EU understand the new legal framework. It describes some of the new and different requirements and the rights of organisations under the EU GDPR.
In this document you will learn:
The rights given under the European Union General Data Protection Rules
The rights with the data subjects and the rights available to a data subject
Compliance responsibilities, liabilities and the associated penalties
Organizations must not only ensure they are compliant with the security mechanisms but must also regularly perform the suggested tasks listed in this document. Considering the dynamic nature of cyber-attacks, companies processing the personal data of data subjects must step up their security. Protecting your clients’ data and personally identifiable information (PII) is a top priority for every business. The LIFARS team will guide you and provide expert advice to guarantee that your organization is meeting the regulatory requirements of GDPR while protecting your organization’s data assets.
For any questions, or for advice on protecting your organisation, please contact the LIFARS Incident Response team.
Articles 3, 28-31 and Recitals 22-25, 81-82