General Data Protection Regulation (GDPR)
GDPR applies to all
The GDPR applies to all organisations worldwide that process personal data of European Union (EU) citizens.
Increased fines
Companies can be fined up to €20 million or 4% of annual global turnover for breaches of data protection law.
Tighter Rules
The GDPR tightens the rules for obtaining valid consent to using personal information. Having the ability to prove valid consent for using personal information is likely to be one of the biggest challenges presented by the GDPR, according to research.
The right to be forgotten
The right to be forgotten now forms a central part of the regulation. Individuals have a right to have personal data erased and to prevent processing in specific circumstances.
Expanded compliance
Controllers and Processors must demonstrate compliance of GDPR by adopting detailed processing of records. Both are now equally liable (in case of breach)
Direct and indirect identifiers
GDPR expands on criteria relating to identifying persons and specifically includes 'location' data and 'an online identifier' information.
Mandatory breach reporting
Data controllers to notify data breaches without undue delay and, where feasible, no later than 72 hours after becoming aware of the breach.
The GDPR requires privacy by design
The GDPR requires that privacy is included in systems and processes by design.
Brexit is no excuse
Even though the UK will go through the process of Brexit, because of the extraterritoriality clause in GDPR, it is highly likely that some, or even all, of the GDPR's provisions will be transposed into UK law.
Data Protection Officers
Organisations will be obliged to appoint a Data Protection Officer (DPO)
Want to make sure your school is GDPR compliant?
We provide total peace of mind when it comes to GDPR compliance for your school. The first step towards better IT Support for your school is to have a chat with one of our team. You can call, email or fill in the form with your details to get started.