What is General Data Protection Regulation (GDPR)?
After over four years of discussion, the new EU data protection framework was adopted on 8 April 2016. It takes the form of a Regulation – the General Data Protection Regulation (GDPR). The GDPR will replace the current Directive and will be directly applicable in all Member States without the need for implementing national legislation. It will take effect on 25 May 2018. However, as it contains some onerous obligations, many of which will take time to prepare for, it will have an immediate impact.
GDPR after Brexit?
UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The GDPR will come into force before the UK leaves the European Union, and the government has confirmed that the Regulation will apply, a position that has been confirmed by the Information Commissioner.
Imagine a customer complains about sensitive information leaking from your organisation, resulting in a multi-million pound fine. Now imagine being far more able to avoid this situation because you have a proactive, integrated, GDPR-aware approach to cyber security in place. You’d deploy it, wouldn’t you?