[Narrator] GDPR stands for General Data Protection Regulation. It's a law concerning the handling, storage, use, and processing of personal data, and represents the biggest change in data protection laws for our generation.
Protection of personal data is considered to be a human right. GDPR increases the rights of individuals whose data is being processed. It extends the protections under existing laws. For example, broadening the definition of personal data to include new technology.
Every organization handling personal data needs to be fully compliant with the regulation. Compliance with the regulation is mandatory, and applies to our group and global activities. We need to demonstrate compliance with evidence.
GDPR principles require to be embedded in our policies, procedures, and ways of working. Transparency is key. Failure to comply with the regulation can result in fines of up to €20 million euros, or 4 percent of global turnover, whichever is higher, to say nothing of the cost reputational damage will incur.
Personal data has a broad meaning. It covers anything that an individual can be identified from. This can be an individual's name, their email address, the IP address of the device they are accessing the internet from. Online behaviors, such as how individuals interact with websites, and their browsing patterns or preferences.
Access the essential membership for Modern Managers
Individuals will have rights such as having access to records, restricting processing, objecting to processing, to be forgotten, and the meaning of consent has changed to a freely given indication of a person's wishes, given by a clear affirmative action. If a person requires information or action regarding their data, organizations must respond without undue delay at no later than one month from receipt.
Everyone in your organization has a responsibility to adhere to the regulation, including managing data security breaches securely. A data security breach is the accidental or unlawful destruction, loss, unauthorized disclosure of, or access to personal data. You need to be able to recognize a security breach and report this via your organization's reporting structure. Proper use of personal data is everyone in your organization's responsibility. We need you to play your part in making this happen.
Reflective Questions:
Once you've watched the video, reflect on what you've learned by considering the following questions:
- What does GDPR stand for?
- What are the key principles of GDPR?
- What impact is it likely to have on how you carry out your role?
- What are the potential costs to your organization of non-compliance?
- Once you've watched the video, reflect on what you've learne by considering the fodllowing questions:
Share this post
Discover more content
How to Spot Real and Fake News
Fake news can destroy trust, damage learning culture, and sap curiosity. Make sure you know how to tell fact from fiction using these six steps.
Using Quantitative and Qualitative Data
An outline of some methods for gathering and using quantitative data.
A Guide to Data Protection
The European General Data Protection Regulation (GDPR) sets out rules for all organizations that keep or process personal information on individuals. Here's an overview.