Data breaches inevitably happen. Information gets lost, stolen or otherwise released into the hands of people who were never intended to see it — and those people often have malicious intent.
Under the terms of GDPR, not only will organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it will be obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners – or face penalties for not doing so.
I’m confused here I sure don’t want to break any international laws . For being a webizen
BREAKING DOWN ‘General Data Protection Regulation (GDPR)’
The GDPR was adopted in April 2016 and adds to the EU’s general policy of protecting citizen’s data. In addition to the notifications of collection and legal ramifications for misuse, there is also a requirement to obtain explicit consent, notify in cases of a hack or breach, appoint dedicated data protection officers and much more. For financial institutions, the new rules will require significant investments in compliance to ensure continuing access to the EU market. The new rules are also pushing firms to pseudonymize personally identifiable information (PII) prior to processing it, meaning that the data can’t be attributed back to a particular person. The pseudonymization of data allows firms to do some larger data analysis – such as assessing average debt ratios of its customers in a particular region — that would otherwise be beyond the original purposes of data collected for assessing creditworthiness for a loan.
This is a real sticky wicket for the average JOE SHMOE webizen.