On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (GDPR) takes effect in the European Union (EU). The GDPR expands the privacy rights of EU individuals and places new obligations on all organisations that market, track, or handle EU personal data. How will this affect your company?
The GDPR is a new comprehensive data protection law (in effect May 25, 2018) in the EU that strengthens the protection of personal data in light of rapid technological developments, increased globalisation, and more complex international flows of personal data. It updates and replaces the patchwork of national data protection laws currently in place with a single set of rules, directly enforceable in each EU member state.
The GDPR regulates the “processing” of data for EU individuals, which includes collection, storage, transfer, or use. Any organisation that processes personal data of EU individuals is within the scope of the law, regardless of whether the organisation has a physical presence in the EU. Importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).
Is your organisation struggling on where to start or how to accelerate your GDPR readiness? PwC shares four key steps that will get your teams moving in the right direction and will help remove roadblocks.
“We are committed to our customers' success, including compliance with the GDPR.”
Take our “EU Privacy Law Basics” Trailhead module. Our module is a free, guided learning path that helps you cover the most ground in the shortest amount of time about GDPR. Consider it your personal game plan for exploring what GDPR is. Additional information about the GDPR is available on the official GDPR website of the EU.