The European Union’s General Data Protection Regulation stipulates requirements for data privacy that are some
of the most advanced in the world and have provided a blue print utilized in privacy protections drafted
worldwide.
- It triggers data protection audits - Assigns fines up to €10 million or 2% of the annual worldwide
proceedings (whichever is higher) – lesser offense - Assigns fines up to €20 million or 4% of the
annual worldwide proceedings (whichever is higher) – major offense
Key Elements of GDPR
• Data Subject Rights • Consent • Data Protection Officer • Processor and Controller •
Data Tranfers • Privacy By Design • Data Breach Response • Awareness and Training • Data
Protection Impact Assessment
Rights of Individuals
• Right of Access • Right to Rectification • Right to Erasure • Right to Restrict
Processing • Right to Data Portability • Right to Object • Right to not be subject to a
decision
What is GDPR?
It is a regulation about data protection and privacy in the European Union and the European Economic Area
Personal Data Breach
A breach of security leading to the accidental or unlawful destruction, loss, alteration, access,
unauthorized disclosure of personal data
Who does it apply?
The regulation applies to all entities that process data about people living in the European Union
Consent
A freely given, specific, informed and unambiguous indication that the data subject agrees to the processing
of its personal information