General Data Protection Regulation (GDPR): What You Need to Know
The new EU General Data Protection Regulation (GDPR) laws came into effect on May 25, 2018. Both the GDPR and UK Data Protection Bill made tremendous changes to how businesses collect, process, and use personal data.
The EU GDPR replaces the Data Protection Directive 95/46/EC and vows to protect and empower the data privacy of all EU citizens. The GDPR wanted to change the way organizations across the region approach data privacy. After the legislation came into effect, it offered greater control to the European citizens on the data that belonged to them. The GDPR forced organizations to develop a customer-first mindset. It gave data subjects rights to know where, when, and how the specific organization uses their data. Besides, it granted them rights for easier data access like name, home address, photograph, bank account details or medical information, etc.
GDPR does not apply to the personal data used for national security reasons or law enforcement. However, as a part of GDPR policy, a separate Data Protection Directive for the police and criminal justice department was set. It lays down very stringent rules on exchanging personal data at any level, regardless of whether it is National, European, or International.