GDPR Update: Implementation and Breaching
In the lead up to the GDPR changes on 25th May 2018, what exactly is the precedence of GDPR implementation and the fines incurred if breached?
How is GDPR implemented?
The upcoming GDPR is a regulation in EU law regarding the data protection and privacy of all individuals in the EU, however this is also applicable to the export of personal data outside of the EU as well.
Thus, the aim of GDPR is predominately to give citizens within the EU control over their own personal data, in which GDPR will replace the 1995 Data Protection Directive.
However, one noticeable difference between GDPR and the 1995 Data Protection Directive is that GDPR is a regulation rather than a directive.
This therefore specifically means that GDPR doesn’t require national governments to pass any enabling legislation and is directly binding, as it is a regulation rather than a directive.
PII: Personally Identifiable Information – The low down
Any data, such as email address, phone number, social media posts, IP address etc. that can be used to identify a specific individual is known as ‘PII’ or ‘Personally Identifiable Information’.
However through PII, and its expansion through the development of technology, this can create security and privacy challenges in need of addressing.
Hence, GDPR highlights the importance of the security and privacy challenges within PII by granting individuals greater rights regarding the handling by company of their PII.
From this, any companies that breach or demonstrate non-compliance with the handling of PII regarding GDPR will now be susceptible to heavy fines, for instance such as 4% of the company’s yearly revenue.
Furthermore, companies are also required, from the GDPR changes on 25th May 2018, to report any data breaches within a 72-hour window.
If you would like to know more about GDPR, please click here.
Alternatively, if you would like to discuss this article further or have any general enquiries, please contact one of our highly qualified solicitors on 020 3318 5794 or via email at email@example.com