A new European privacy regulation.
The General Data Protection Regulation (GDPR) is a new set of rules created by the European Parliament in April 2016. Under this regulation, any company or individual that processes data by which an individual can be identified will also be held responsible for the protection of that data. This includes third parties such as cloud providers. Every company that wants to do business in an EU country needs to comply. This blog post explains the 6 basic principles of the GDPR.
The GDPR’s Basic Principles
The principles of the GDPR are focused on the privacy rights of every person when it comes to collecting and processing their data:
- The Principles of Lawfulness, Fairness, and Transparency: These dictate that personal data needs to be processed in a way that is lawful with respect to the data subject.
- The Principle of Purpose Limitation: Data processors can use the data only for the objectives they’ve explicitly described and justified.
- The Principle of Data Minimization: The information that is required has to be relevant for its purpose and limited to what is necessary.
- The Principle of Trueness and Accuracy: If some of the data is inaccurate, it should be removed or rectified.
- The Principle of Storage Limitation: Data is kept in a form which permits identification of persons for no longer than is necessary for the purposes for which the personal data is processed.
- The Principle of Integrity and Confidentiality: This principle means taking all required measures to ensure that all personal data is protected.