GDPR-General Data Protection Regulation
It’s a comprehensive data protection law that the European Union has constituted for implementing in the member countries. Effective from May 25, 2018, this legislation counters all threats & challenges that rise upon exploiting the personal data through rapid technological developments, analysis and more complex cross border data flows. This regulation protects the “right to privacy”, empowering individuals to strongly voice against whosoever misuse or use personal information without any permission of the data subject.
Aim to Put GDPR in Place
This law is a strong initiative to strengthen and standardise user’s data privacy. Adding to it, this law introduces a control on unlawful exploitation of personal info by data controllers and processors. It puts additional obligations & liabilities in place to flag lawful processing of personal info. This means that the data subject should have crystal clear picture of what kind of processing you do with it. It strongly condemns and prohibits interfering with accuracy, using it for target marketing or auto-profiling processing or disclosing it to another party without informing its subject. Even, nobody can share it without ensuring proper technical and organisational measures.
Secure Personal Info
Personal data refer to any information about people, online identifiers such as IP addresses, cookies, personal identifiable information like caste, health records and criminal records. Pseudonymised personal information may be subjected to this principle. However, it completely depends on the extent of complexity to identify whose data that is.
Measures to Take
DATA ASSESSMENT
This directive ensures governance to retain the quality of data together with the assessment of what information is being used & why, which is a must to boost transparency & build trust.
GOVERN INFORMATION
This is to translate the general data protection regulation into actions, guidelines and values. It is the best way to draw effective measures, as what needs to be taken.
SECURITY is PRIORITY
It protects the fundamental privacy rights, securing the confidentiality of personal data. Even, it mandates proper mention of its use, notice, consent, choice, access, rectification and erasure.
STAFF COMPREHENSIBILITY
It promotes the education on GDPR to be promoted among employees. They need to understand the threats, challenges and impact associated with the improper use of any information. The staff should be able to process and know what changes to be done accordingly thereafter.
This regulation puts a liability on us to protect the privacy of data subjects, which is a praiseworthy initiative. You can go through FAQs to know more about how we apply it.