GDPR
General Data Protection Requirements (GDPR)
General Data Protection Requirements (GDPR)
The EU General Data Protection Regulation (GDPR) is one of the largest ever changes in data protection law. It replaced the existing Data Protection Directive and came into force on 25th May 2018.
The GDPR aims to give Europeans better control over their data held by organisations worldwide. The new regulation focuses on keeping organisations more transparent and expanding the privacy rights of individuals. The GDPR also introduces more stringent penalties and fines for organisations who are non-compliant, ranging up to 4% of annual global turnover or €20 Million, whichever is the greater.
We are partnered with TwoBlackLabs, which are GDPR specialists. If you would like an introduction, please get in touch with us.
Privacy Impact Assessments
A Privacy Impact Assessment is a documented impact assessment that helps to identify the privacy risks associated with a solution.
A Privacy Impact Assessment aims to:
- Ensure conformance with the Privacy Act and GDPR and policy requirements for privacy.
- Determine the privacy risks and effects
- Evaluate controls and alternative processes to mitigate potential privacy risks.
The advantages of doing a Privacy Impact Assessment are:
- Avoidance of costly or embarrassing privacy mistakes
- Aids in the identification of privacy problems early to allow appropriate controls to be identified and built
- Enhanced informed decision making regarding proper controls.
- It demonstrates that the organisation takes privacy seriously.
- We are partnered with TwoBlackLabs, which are PIA specialists. If you would like an introduction, please get in touch with us.
The advantages of doing a Privacy Impact Assessment are: