GDPR Overview & Impact
The GDPR has been applicable since 25th May 2018, bringing with it the newest standards and requirements.
About the GDPR (General Data Protection Regulation)
GDPR is the EU law that replaces the 1995 Data Protection Directive, which was until until 25th May 2018, the main standards for processing data in the EU. GDPR intends to heighten several rights for: Individuals – Who now have the right to demand companies disclose and or delete their personal data from a database. And Regulators – Who can now legitimately hold companies accountable for data protection breach across all EU member states and associated countries.
Harmonisation Across EU
- GDPR Replaces the European Data Protection Directive which was implemented inconsistently in European countries
- Automatically binding and will harmonize local laws
Wide Territorial Scope
- GDPR Applies to any organization that collects or processes data on EU citizens
- The location of the organizations is irrelevant to require compliance with the GDPR
- Local countries’ Data Protection Authorities are responsible for implementing the GDPR and ensuring that requirements are followed by organisations
High Penalties warning only in cases of first and non-intentional non-compliance
Regular periodic data protection audits
A fine up to 20 million EUR or up to 4% of annual turnover for violations of basic data protection principles, data subject rights, and data transfer requirements
The Scutum Group’s GDPR Compliance Roadmap
Internal and External GDPR Compliance at the Scutum Group.
With an in-house Data Protection Officer (DPO) and a Cybersecurity team, the Scutum Group has taken several protective measures to comply with GDPR and continue to safeguard the privacy and security of data collected from customers, prospects, suppliers and employees.