As you may be aware, the new EU General Data Protection Regulation (GDPR) is being introduced, with the deadline for compliance being 25th May 2018. Considering all that the legislation entails, that is not long at all – we would advise that every business would start preparing now. In anticipation, we have put together a GDPR series of blogs and briefings, detailing the Regulation, the Key Impacts and next steps to ensure your business is compliant come 25th May 2018.

Why is the new General Data Protection Regulation necessary?

The GDPR will replace the EU Data Protection Directive to keep apace with technological advances including the handling of digital data and cyber security. All organisations, large and small, across the EU must securely protect all data collected. The GDPR is being introduced to achieve the following aims on a EU wide level –

The main principle of the GDPR is that personal data can only be sourced and stored under strict conditions and for a legitimate purpose. It contains specific elements such as a right to be forgotten, as well as a data breach notification requirement, failure to comply could incur massive penalties for businesses.

Businesses of all sizes will be required to report most breaches concerning personal data. You will be required to inform those individuals whose personal data has been affected along with the Data Protection Commissioner as soon as the breach occurs.