The course briefly discusses the important concepts under the European Union Data Privacy Regulation called The General Data Protection Regulation ("GDPR").
The important provisions and principles of GDPR are explained in a plain and concise manner.
Learn when does the GDPR apply and its implications.
The GDPR came into force on May 25, 2018. The regulation prescribes for heavy fines and penalties, so it is important to comply with the GDPR provisions.
The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter of 2016. Organizations will have a two year period (spring 2016-spring 2018) to assess the impact of the Regulation on their activities, devise and execute implementation strategies and make changes to their business processes, compliance infrastructures and IT systems to reflect the new requirements. The new regime will bring changes not only to organizations, but also to the data protection authorities and how they oversee, supervise and enforce the new rules in Europe.
Some of the immediate impacts of the GDPR relate to its jurisdictional and extraterritorial reach; new requirements concerning privacy impact assessments, privacy by design, pseudonymisation, data breach notification, data processor obligations, organizational accountability, and data protection officers, data protection principles, rights of individuals; legal liability, remedies, fines; and the roles and powers of data protection authorities.
Importantly, despite the ambition to harmonize data protection rules across Europe, the GDPR leaves a significant margin of maneuver to the Member States in its application. It also gives both the EU Commission and the new European Data Protection Board (EDPB) powers to enact implementing regulations and guidance.