The EU General Data Protection Regulation (GDPR) was proposed in 2012 and aims to apply a single set of data protection rules across the European Union (EU) to protect users’ data.
Organisations will be expected to report a breach within 72 hours, and to give data owners the right to request a copy of the personal data the organisation holds and the right to have personal data erased.
The regulation will impose greater fines on organisations that break the law: compliance failures will carry fines of up to €100m or 5% of global turnover, whichever is greater.
The proposed regulations are planned to begin at the end of 2014, coming into effect over the next two years.
A recent survey from network management and monitoring software specialist Ipswitch showed that:
– over half of employees could not accurately describe GDPR
– and 52% admitted their firms were not ready for the changes the regulations might bring.