Connect@ADP

Insights that empower you and your workforce to be successful

The EU GDPR: What You Need to Know About the EU’s General Data Protection Regulation

Posted by: adpindia on 24 August 2017 in ADP News, Compliance, HR, Non classé, Payroll

Prepare for the turbulence ahead

The European General Data Protection Regulation (EU GDPR), the most significant change to data protection in three decades, becomes effective on May 25, 2018. The regulation intends to strengthen individual data and privacy protection for individuals residing within the EU. Additionally, it intends to simplify the regulatory framework for international business by unifying data and privacy regulations. It will replace the Data Protection Directive from 1995.

The Data Protection Directive 95/46/EC of 1995 was the European Union’s answer to the division of privacy regulations across the EU. Its major goals included the harmonisation of data protection laws and the transfer of personal data to “third countries” outside of the Union. Among other measures, it established independent public authorities in each member state in order to supervise the application of this directive and serve as the regulatory body for interactions with businesses and citizens. Overall, the directive stays true to the original recommendation of the Organisation for Economic Co-operation and Development (OECD) and the core concept of privacy as a fundamental human right.

Although the Data Protection Directive was meant to bring together the laws of different member states, it was still a directive, which left some room for interpretation during the transposition into individual national law. This fact, along with today’s rapidly changing data landscape, has led to the necessity for another update to the regulatory environment of the EU. The incoming GDPR is a much larger piece of legislation and, as a directive, it will become immediately enforceable law in all member states.

Regulation vs. Directive

One key feature of this sweeping change is that the EU GDPR is a regulation replacing a directive. Regulations apply directly to each member state in the EU, whereas with a directive, each member state has discretion as to implementation of data protection regulation. Thus, with the regulation implementation, which itself offers stringent data and privacy protection, it can also offer a simplification of regulatory framework across the EU through unification of data and privacy regulations. This will eliminate inconsistencies among local laws and reduce administrative costs and burdens for international businesses when interacting with multiple data and privacy protection authorities.

Increased Penalties

The GDPR continues enforcement through the supervisory authorities and the courts, with penal and administrative sanctions in addition to civil remedies. However, the GDPR increases administrative penalties up to a maximum of EUR 20 million or 4 percent of the annual revenue of the organisation, depending on the facts and circumstances of the case, according to the International Association of Privacy Professionals.

Newly Expanded Jurisdiction Includes APAC-based Businesses Operating in the EU

A key feature under the regulation is the newly expanded jurisdiction, which could impact businesses based outside the EU. The new regulation also applies to any business that offers goods or services to individuals in the EU or monitors such individuals’ behaviour (such as operators of commercial websites or mobile apps). This is a broad expansion of the requirements that will affect many more organisations across Asia Pacific.

Consent will continue to be a requirement for processing personal data under the GDPR, but it sets forth stricter conditions for consent. As EUDataProtectionLaw.com notes, these conditions are defined as “any freely given specific, informed and unambiguous indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed.”

New Rights Established

The EU GDPR has also created two new individual privacy rights — “right of erasure” and “right of portability.” The right of erasure, an expansion of the “right to be forgotten,” gives individuals the ability to have their personal data erased upon request, notes the Information Commissioner’s Office (ICO). The right of portability gives individuals the ability to access their own data with greater ease, notes ICO. Upon request, individuals will be able to transfer their personal data from one provider to another. The transfer of such data should promote ease of access among individuals and competition among providers.

Steps to Take Toward Compliance

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

Many businesses haven’t been subject to the EU data and privacy laws before, and many details as to scope and implementation still aren’t clear. However, for all businesses operating in Europe, or offering, selling to or monitoring European individuals, here are steps you can take now in anticipation for next year:

  • Review the GDPR in-depth with all available guidance
  • Understand the broad scope of personal data under the GDPR
  • Create, update or review documentation for personal information and security practices
  • Create, update or review documentation for policies and procedures for breaches, incident reports and risk assessments according to GDPR
  • Create, update or review any required contract and agreement language
  • Determine if using a cloud-based HR or payroll provider would serve your organization’s best interest in mitigating risk of noncompliance with GDPR

HR leaders should also take note of the fact that Philippine citizens living in the EU will be protected by the GDPR, but citizens of the EU who live and work outside of the EU jurisdiction are not protected by these regulations.

Although many organisations have adopted data and privacy measures consistent with the Data Protection Directive, the GDPR contains new protections and expansive measures — for organizations within the EU and beyond — that will require additional compliance measures. Organizations must begin implementing next steps now to prepare for May 2018.

GDPR represents a significant shift in the way personal data is handled, processed and secured. We invite you to join ADP’s data privacy experts for a special webinar to learn more about the impending GDPR legislation and make sure your HR department is ready to face the turbulence ahead: GDPR

***

Focus keywords: GDPR, Right of erasure, Right of portability, regulation, penalty, personal data, individual data and privacy protection

This post was authored by Jennifer Kiesewetter, Esq. for ADP.

The views expressed on this blog post are those of the blog author, and not necessarily those of ADP. This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. ADP does not warrant or guarantee the accuracy, reliability, and completeness of the content on this blog.

(Visited 430 times, 1 visits today)

Post a response

hydroxychloroquinesn says

hydroxychloroquine covid 19 where can i get hydroxychloroquine hydroxychlor tab

hydroxychloroquine sulfate says
hydroclorquin says

drugs.com hydroxychloroquine https://plaquenilx.com/# hydroxichlorine

prednisonewarnings says

prednisone indications prednisone warnings

modalert200 says
modafinildrugtest says

modafinil reddit modafinil dosage

bactrim antibiotic says

trimoxazole pronounce bactrim side effects

cialis dosage says

cialis pills cialis 20mg

pharmacepticacom says

sildenafil 50mg for sale https://pharmaceptica.com/

modafinilwarnings says

modalert 200 reddit modafinil 100mg

bactrim for uti says

trimoxazole tablet uses in hindi bactrim ds dosage

prednisonesteroid says

cheap prednisolone steroids side effects

provigil100mg says

buy modalert https://modafinilpleasure.com/

LaltyKaryxuh says

hydroxychloroquine over the counter buy chloroquine online

darielaclvq says

https://chloroquineser.com/

darielakkcw says

plaquenil dosage https://hydrochloroquinesol.com/

LaltyKarhmsy says

https://chloroquine250mg.com/ plaquenil drug

darielabxpa says

darielaezwb says

hcq medication plaquinol

darielaqejv says

hcq medication chloroquine otc

LaltyKarsssy says

chloroquine otc buy chloroquin

darielamoph says

darielaeovf says

hydroxychloroquine effectiveness chloroquine hydroxychloroquine

darielaxbun says

chloroquine drugs chloroquine purchase

DmsAudic says

legit canadian pharmacies Malegra FXT

Cmkobruib says

is ivermectin safe ivermectin for chickens

LaltyKarwkgj says

https://chloroquineef.com/ hydroxychloroquine biden

FnmkPhync says

buy ivermectin for humans how to make ivermectin

darielapsej says

darielayxyb says

https://hydroxychloroquineth.com/ chloroquine dosage

RkkzAudic says
darielacdxe says

chloroquine and hydroxychloroquine plaquenil for sale

DsjgAudic says

canadian pharmacy safe 1 canadian online pharmacy

AnsbPooro says

generic viagra in usa female viagra porn

AnsnTriervems says

mexican pharmacy online tour de pharmacy online free

SwhhCano says
Dsnitani says

cost of viagra without insurance cheap viagra free shipping

Hsngshurf says

why is cialis so expensive 2016 cialis or viagra ?

Cahubruib says

buy cialis viagra cialis for enlarged prostate

RumbAudic says

internet pharmacy cvs pharmacy store

FsjkPhync says

buy cheap viagra alternative viagra

KmsgPhora says
LaltyKarkukc says

hydroxychloroquin https://chloroquineetc.com/

AannPooro says

giving ivermectin to heartworm positive dog tractor supply ivermectin for dogs

DktkAudic says

ivermectin poisoning in humans ivermectin head lice

SeehCano says

durvet ivermectin sheep drench can ivermectin be given orally

AsbfTriervems says

ivermectin for covid-19 ivermectin heartworm

Dsnnitani says

ivermectin sheep drench for humans fleet farm ivermectin

darielaehfu says

hydroxychloroquine update today https://plaquenil-hydroxychloroquine.com/

Hmrmshurf says

ivermectin candida equine ivermectin

darielazhku says

Cnsnbruib says

pharmacy technician certification online good rx pharmacy discount

RnsnAudic says

ivermectin dosage dogs ivermectin wormer

FnnkPhync says

top rated canadian pharmacies online canada pharmacies/account

darielagkge says

chlorquin hydroxychloroquine over the counter

AsbdfTriervems says

cost of cialis at costco is there generic cialis

AwnnPooro says

sildenafil citrate 50mg tab canadian pharmacy sildenafil

ShheCano says

sildenafil 20mg generic free sildenafil samples

DnrjAudic says

pharmacy store window viagra pharmacy 100mg

Dnsnitani says

tadalafil tablets 40mg tadalafil generic in usa

Hmsmshurf says

online medical stores sell tadalafil without medical prescription in india indian tadalafil

Cmembruib says

sildenafil 100mg price canada pinkviagraforwomen

KvrdPhora says

back pain from cialis cialis shop usa

FnwnPhync says

purchase viagra india buy cheap viagra online