A new EU regulation governing how organisations should handle and protect our personal data. Many of the stipulations are already covered by the UK's Data Protection Act; but simply put, organisations need to keep records of all personal data, be able to prove that consent was given, show where the data's going, what it's being used for, and how it's being protected. Accountability is the new watchword. If personal data gets stolen after a cyber-attack, companies have to report the breach within 72 hours of realising it. And the definition of personal data has been extended to include extra categories such as your computer's IP address or your genetic make-up - anything that could be used to identify you.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2023
Categories |