The General Data Protection Regulation (referred to as the GDPR) comes into force in May of 2018, and represents the biggest change in Data Protection Regulation for over 30 years.
88 pages of new theory and practice in Compliance have been succinctly distilled by Blackbaud and can be read here:
So, for more information on the following read the data fact-sheet above. Key points include:
- Data Protection Principles remain largely unchanged and of utmost importance.
- Enhanced consent collection – the death of the passive consent.
- The bigger hurdle for legitimate interests.
- A revised focus on transparency.
- New and expanded data subject rights.
- Accountability and the requirement of a data governance programme.
- Data breach notification requirements for all controllers and processors.
- Processors are directly addressed.
As May 2018 draws nearer, watch this space for further articles, reviews or training.