Data Protection: Protecting Your Data From the General Data Protection Regulation

by Cormaci Devid

The General Data Protection Regulation is a new European Union law that will go into effect on May 25th, 2018. The regulation was designed to protect personal data from being misused or hacked by third parties. 

With GDPR now just weeks away, it’s about time you asked yourself: “Do I comply?” Here you will find some more information about protecting your data under the General Data Protection Regulation.

In this post, we lay out the ins and outs of how GDPR might affect your company and what you need to do to be compliant before the deadline. We will look at five of the most crucial things you should know about GDPR before it comes into effect on the 25th of May 2018, so read on to make sure your company doesn’t get caught out by GDPR from day one!

  • 1) GDPR relates to both privacy and cyber security. In general, companies should always handle customer data responsibly and appropriately, or they risk being fined heavily under GDPR.
  • 2) The main aim of GDPR is to strengthen and unify data protection for all individuals within the European Union, as well as to increase the penalties for those that fail to comply with the regulation.
  • 3) If you handle customer data, control over that data no longer rests with you throughout the process; it is given back to the customer. This means they can ask for their information to be deleted at any point if they wish.
  • 4) GDPR applies to all organizations that handle customer data outside of the EU, including companies operating in the United States, Canada and Australia. If your company is based in the EU, it is likely that it will need to abide by these new rules as well.
  • 5) The most important aspect of GDPR is the increased penalties for those who do not comply. There are fines of up to €20 million or 4% of annual turnover, whichever is greater. This means that EU organizations found to be non-compliant can end up owing billions of pounds due to the larger fines imposed on them.

1. What is GDPR?

The General Data Protection Regulation (GDPR) is a new European Union law designed to protect personal data from being misused or hacked by third parties. The GDPR defines “personal data” as “any information relating to an identified or identifiable natural person.”

A direct comparison between the GDPR and the U.S.’s so-called “Privacy Act” is a bit misleading, because the latter is a much older law. 

The Health Insurance Portability and Accountability Act of 1996, or HIPAA for short, was enacted in response to major health care industry vulnerabilities that emerged during the early 1990s. 

HIPAA’s purpose is to protect individually identifiable health information from being disclosed without authorization by an individual, his or her personal representative, business associate, employer or insurer.

The GDPR, on the other hand, applies not just to medical information but all data with the potential to be personalized (for example, your customer service agent’s name, e-mail address and phone number). It also applies to data with “an actual or potential use in determining the identity of any person” for commercial or unlawful purposes. 

2. Who is GDPR intended to apply to?

The GDPR applies across all EU member countries (current total 21) except for Bulgaria and Romania. The GDPR essentially repeals the EU’s Data Protection Directive, which has governed the means by which organizations could collect and store individuals’ personal data.

3. When does GDPR go into effect?

The GDPR will go into effect on May 25th, 2018. However, some member states have passed their own deadline of May 24th to comply with the changes. If your business is located in any of those member states, you’ll need to comply with those laws as well. 

4. What does GDPR require?

The GDPR introduces a series of new requirements for organizations that collect and store personal data. The regulation requires that organizations must: 

In addition to these standards, the regulation puts additional obligations on organizations to protect the privacy of individuals’ information, including: 

5. How can a company comply with GDPR? 

Below are some resources that can help your organization understand how to comply with GDPR. 

  • This is a great introduction to the GDPR and answers many of the most frequently asked questions. 
  • Learn about different types of data processing before the deadline in order to be in compliance with GDPR. 
  • Here’s a very short video that gives a good overview of what GDPR is and how it impacts your company.
  • The State of Privacy at Work: No One’s Watching guides you through the requirements to comply with privacy regulations from HIPAA, PIPEDA, EU Data Protection Directive, and FISMA in one handy eBook!

