GDPR (General Data Protection Regulation)

General Data Protection Regulation, GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states.

General Data Protection Regulation, GDPR introduced the key principles of data privacy by design and default, handing power back to the consumer. GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. These measures include understanding what personal data a business handles and where this data resides; performing risk assessments to assess exposure to accidental or unlawful loss of this data; implementing various technical and procedural controls to protect personal data; and for some businesses appointing a data protection officer charged with overseeing GDPR compliance. Enforcement began 25 May 2018 establishing strict breach disclosure requirements which will impose fines for non-compliance.