New regulation of personal data for the entire EU

Due to rapid technological developments there is a sharp increase in the use and processing of personal data. Governments and companies process a lot of this data. Due to technological changes in the economic and social field, it is important that the legislation also develops.
The Personal Data Protection Act (PDPA) must ensure that privacy data is protected. Many countries in the European Union have similar laws, but because these laws differ in every country, international organizations often encounter problems. The EU also believes that many of these laws do not comply with the right way to protect users’ personal data. In order to generalize these laws and to improve the protection of personal data, the EU will introduce the GDPR Act from May 25, 2018 (or the Dutch AVG Act, General Data Protection Regulation). This law must ensure that confidence in the digital economy is strengthened and maintained. In addition, the law provides more legal certainty for natural persons, market participants and government agencies.
Companies that process personal data have more obligations and must be able to demonstrate that they abide by the regulation. That means their information management has to be in order. A mandatory element of that is the appointment of a so-called Data Protection Official (DPO). In addition, an implementation plan has to be drawn up for the implementation of a privacy management framework. Also, this is something companies are not allowed to outsource, but they can use external backing. If this is something you don’t have sorted as a company, you can end up paying a hefty fine. The maximum penalty is € 20 million, or 2-4% of the worldwide turnover. To get an idea of the structure of the fines, below a figure showing the costs of a data leak.
What is changing for the users of the organizations that use personal data? First, according to the law, it must be as easy to withdraw permission as it is to give permission. As soon as you no longer want your data to be used, the organization must stop immediately. Do you want to ensure that your data is removed from the database? Companies are also obliged to do this. Your data must also be systematically arranged so that you can easily access it and transfer it easily. All in all, it means that your data and data become much more accessible.
For companies, the introduction of the new law can be difficult. Resources have to be made available to hire the new staff necessary to meet the information management conditions. On the other hand, thanks to the new regulation, the information at a company’s disposal is always up to date and well-maintained. For the users of these services, there are really only positive sides. Access, options and rights regarding personal information are becoming less complex and better.
How will WIBA IT respond to this law? WIBA IT will make sure that, as soon as the law comes into force, there will be a portal for all users that will provide all the rights and options listed in this article. Do you want to stay informed of this and other important subjects? Follow us on LinkedInFacebook and Twitter or get in touch with us.