GDPR is a new data privacy regulation adopted in 2016, the most significant and far-reaching of its kind, which applies in full from 25th May 2018. It asserts new and expanded privacy rights for over 500 million individuals in the EU. Non-compliant organisations face fines of up to €20 million or 4% of worldwide revenue.
With the 25th May 2018 compliance deadline ticking closer, we have produced a number of guides which detail business and technological changes you will need to make in line with the new regulation.
GDPR: Principles and Preparation Guide
GDPR: Principles and Preparation provides an outline of the changes required by GDPR and steps for becoming compliant by covering two key areas:
1. The Six Privacy Principles
The fundamental conditions which all organisations must follow when collecting, processing and managing the personal information data for all European citizens, or face fines of up to €20m or 4% of global turnover.
2. Preparing for GDPR: The 12 Steps
Essential steps outlined by the Information Commissioner's Office (ICO) for making the necessary business and technology changes required to become compliant by the May 2018 deadline.
GDPR: Introductory Guide
Whether your organisation has mature data privacy and information security capabilities, is just getting started or is in the middle of preparation, GDPR requires significant organisational change.
This introductory guide includes a project approach detailing definitions and key impacts, the internal and external areas effected, and a compliance programme timeline.