The General Data Protection Regulation (GDPR) is the European Union’s (EU) new data protection law that came into effect on 25 May 2018.
Implemented throughout the EU, it governs all businesses operating within the union and embeds a more consistent approach to data protection. Companies that trade with EU based businesses are impacted and need to know what changed and how to comply.
So why has the data protection legislation been transformed?
Since 1995, the Data Protection Directive (Directive 95/46/EC) has determined how individuals’ personal data is protected within the EU. However, since its inception there have been vast developments in the sophistication and scale of data creation and gathering – for example through the emergence of social media, cloud computing and geolocation services. As the directive predates these developments, it’s no longer suitable to govern the current data landscape; it needed to be refreshed to address modern privacy concerns and facilitate consistency across the EU. This is what the GDPR does.
The new regulation introduces a huge range of changes. In our global report [ 937 kb ], we outline what those changes are, what this means for your business and how to get ready for the GDPR.
Alternatively, view our infographic [ 291 kb ] summarising the GDPR and the questions you can ask yourself as you start to prepare.