Page 43 - Cyber Defense eMagazine - December 2017
HOW WILL THE CHANGES IN THE GDPR WORK?
Sources: Investopedia and ExigentNetworks
First, let’s get the basics on GDPR, and then we’ll go through a really well-done
infographic to cover the changes in the GDPR.
DEFINITION of 'General Data Protection Regulation (GDPR)'
The General Data Protection Regulation (GDPR) is a legal framework that sets
guidelines for the collection and processing of personal information of individuals within
the European Union (EU). The GDPR sets out the principles for data management and
the rights of the individual, while also imposing fines that can be revenue based.
The General Data Protection Regulation covers all companies that deal with the data of
EU citizens, so it is a critical regulation for corporate compliance officers at banks,
insurers, and other financial companies. GDPR will come into effect across the EU on
May 25, 2018.
BREAKING DOWN 'General Data Protection Regulation (GDPR)'
The GDPR adds to the EU’s general policy of protecting citizens’ data. In addition to the
notifications of collection and legal ramifications for misuse, there is also a requirement
to obtain explicit consent, notify in cases of a hack or breach, appoint dedicated data
protection officers and much more. For financial institutions, the new rules will require
significant investments in compliance to ensure continuing access to the EU market.
The new rules are also pushing firms to pseudonymize personally identifiable
information (PII) prior to processing it, meaning that the data can’t be attributed back to
a particular person. The pseudonymization of data allows firms to do some larger data
analysis - such as assessing average debt ratios of their customers in a particular region -
Copyright © 2017, Cyber Defense Magazine, All rights reserved worldwide.