Third Party EU GDPR Compliance
- January 8, 2018
The European Union’s General Data Protection Regulation (GDPR) comes into force on May 25, 2018 and has been described as the most significant overhaul to data protection laws in a generation. The regulation applies to organizations worldwide that offer goods or services to individuals in the EU, and the penalties for non-compliance are severe. In replacing the outdated 1995 Data Protection Directive, GDPR recognizes the impact that the Internet and other new technologies have had on the data we hold and how we share it. Companies must view this as an opportunity to develop and implement data governance, protection and privacy in line with consumer expectations. This illustration outlines key steps in managing third party data privacy risk under GDPR requirements.
- Overview of the GDPR compliance assessment process
- What you need to know
- Description of Data Controller vs. Data Processor