What is GDPR? Answering the Top GDPR Legislation Questions

What is GDPR?

The General Data Protection Regulation is a European regulation designed to give citizens greater control over their personal data and to protect it from loss or misuse. It replaces the existing DPA regulation in the UK and applies to essentially any organisation that holds data on citizens of member states of the European Union. So, if you have customers, employees or partners who are EU citizens, you are impacted.

As well as requiring companies to collect, store and use personal data securely, fairly, accurately and responsibly, GDPR legislation gives individuals new rights in eight key areas:

to be informed about the data you hold on them
to access the data
to rectify it
to delete it
to restrict how you process it
to take it elsewhere
to object to its usage
to have it excluded from automated decision-making and profiling

When did it come into force?

It came into force on the 25th May 2018.

How has data classification changed following the implementation of new privacy regulations?

All organisations need to revisit their processes for seeking, storing, and managing consent from EU citizens for use of their personal data.

Note that “personal data” is defined in the GDPR as any information (e.g. an IP address) that could be used to identify a natural person.

A key principle is that GDPR requires users to opt-in for the use of their data (where the current DPA protects their right to opt-out).

The other major change is that you’ll need to be prepared to respond rapidly to requests from EU citizens to access, update, correct or delete their data.

Why does Brexit not affect GDPR?

Any organisations dealing with EU citizens (regardless of the location of that activity) will still be required to comply with GDPR.

If you would like to discuss your requirements, please contact us for more information.

See more information from the ICO

Compliance, Data Protection, Gdpr

Read related blogs

Solution

Industrialise your Data Protection programme for faster, more assured compliance

Industrialise your Data Protection & GDPR compliance programmes. Discover eight key services from Northdoor to make GDPR business-as-usual

Security

Third-party cyber risks during periods of business disruption

When your suppliers’ business continuity plans kick into action, it’s vital to ensure your data is protected against third-party cyber risks

GDPR

How Brexit will impact GDPR and other data regulations

With Brexit, how will the UK’s withdrawal from EU impact data regulations? In many ways GDPR & Brexit has clouded the main point of regulations.

Solution

Automated Data Discovery, Classification & Remediation Platform

Northdoor data discovery solutions empower enterprises to find, manage and protect sensitive information throughout the organisation, minimising risk.

GDPR

Data Protection Advisory Service

Data Protection Advisory Service is designed to help companies rapidly and cost-effectively access the expertise you need for addressing GDPR compliance

Solution

Breach Reporting Solution

The GDPR mandates that organisations notify the relevant supervisory authority – in the UK, the ICO – of all data breaches “without undue delay” or within 72 hours.

Interested in seeing our Data Protection and GDPR solutions in action?

Request a demo or contact sales on: 0207 448 8500

Latest Blog Articles

Banking and Finance

Operational Resilience Legislation Frameworks

Understand how financial institutions can navigate the complex regulatory landscape to enhance their operational resilience.

Security

10 reasons to consider outsourced cyber security for your business

Protect your business with top-notch cyber security outsourcing services. Enhance your defenses and mitigate risks effectively.

Security

Vulnerability Assessment in third-party risk management

Learn what a vulnerability assessment is and its importance in third-party risk management, and how to conduct one.

See all blog articles

Our Awards & Accreditations

See all Awards

What is GDPR? Top 4 questions on GDPR legislation

Are you ready to get in touch?

Top four questions on the GDPR legislation answered

What is GDPR?

When did it come into force?

How has data classification changed following the implementation of new privacy regulations?

Why does Brexit not affect GDPR?

Read related blogs

Third-party cyber risks during periods of business disruption

How Brexit will impact GDPR and other data regulations

Data Protection Advisory Service

Latest Blog Articles

Operational Resilience Legislation Frameworks

10 reasons to consider outsourced cyber security for your business

Vulnerability Assessment in third-party risk management

Our Awards & Accreditations

Top four questions on the GDPR legislation answered

What is GDPR?

When did it come into force?

How has data classification changed following the implementation of new privacy regulations?

Why does Brexit not affect GDPR?

Read related blogs

Third-party cyber risks during periods of business disruption

How Brexit will impact GDPR and other data regulations

Data Protection Advisory Service

Latest Blog Articles

Operational Resilience Legislation Frameworks

10 reasons to consider outsourced cyber security for your business

Vulnerability Assessment in third-party risk management

Our Awards & Accreditations

Subscribe to our newsletter