The General Data Protection Regulation (GDPR) is the most significant legislative change in European data protection laws. The GDPR, which becomes enforceable on May 25, 2018, seeks to strengthen the security and protection of personal data in the EU and serve as a single piece of legislation for all of the EU.
The GDPR will replace the EU Data Protection Directive (Directive 95/46/EC) as well as any and all local laws relating to it.
simPRO has done significant work to ensure that all of our systems and services comply with the GDPR.
What is the GDPR?
The General Data Protection Regulation (GDPR) is a new European privacy law due to replace the existing EU Data Protection Directive on May 25, 2018. It is intended to enhance and reconcile data protection laws throughout the European Union (EU) by applying a single data protection law that is binding throughout each member state.
Who does the GDPR apply to?
The GDPR applies to all organisations operating in the EU or processing "personal data" of EU residents. It defines personal data as any information relating to an identified or identifiable natural person.
It is important to know that businesses operating outside of the EU that process personal data of EU residents are also subject to the GDPR.
What do the changes mean for your business?
Organisations will need to demonstrate the security of the data they are processing and their compliance with the GDPR on a continual basis. This will require you to implement and regularly review your organisational processes, technical measures and compliance policies.
Where does simPRO fit into your GDPR accountability?
simPRO is designed to help businesses carry out work they are instructed to do by their customers. The data collected and stored in order to deliver those services should already be in line with the GDPR.
However, there are a number of areas applicable to your use of simPRO which should be reviewed regularly as part of ensuring your compliance with the GDPR.
There are also many other parts of the operation of your business outside of simPRO where processes will need to be reviewed to ensure they are in compliance with the GDPR. For these, we recommend you seek professional advice if you are unsure of your responsibilities and requirements.
Please click here to review our checklist on your use of simPRO and how it applies to GDPR compliance.
The publications on this website with regard to the GDPR are only intended to provide a summary and general overview of the application of the GDPR to your business. They are not intended to be comprehensive, nor do they constitute legal advice.