What is GDPR/AVG?
EUROPEAN PRIVACY REGULATION
The European Commission has decided that the current legislation no longer aligns with the continuous changes resulting from digitization. This new privacy regulation comes in the form of a European regulation applicable to all organizations in the European Union; the General Data Protection Regulation (GDPR). The GDPR applies directly in all EU member states without the need for transposition into national law.
NEW PRIVACY CONCEPTS GDPR (AVG)
introduces new concepts, such as the right of access and the right to be forgotten. Additionally, GDPR is based on a set of privacy principles. This entails various obligations for organizations. These obligations can range from establishing a register of personal data processing activities to conducting risk assessments (DPIA) and appointing a Data Protection Officer (DPO).
IMPACTS OF GDPR
The impacts of the General Data Protection Regulation are limited for most organizations to maintaining a register of processing activities and implementing privacy-focused information security measures. Risklane offers various solutions to determine which measures are mandatory within your organization. The key potential obligations include:
- Security measures
- Register of processing activities
- Data Protection Impact Assessment (DPIA)
- Data Protection Officer (DPO)
