Answer to Question #194182 in English for elisa

Question #194182

explanation of key provisions of GDPR.


1
Expert's answer
2021-05-20T10:25:56-0400

The General Data Protection Regulation (GDPR) provides the data protection legal framework in Europe and it was enforced on 25 May 2018. Its key provisions according to European Union (2017) include:

1.     Extra-territorial effect:  it applies to the processing of personal data by an EU business regardless of whether or not the processing takes place in the EU.

2.     Data Protection Officer (DPO): Businesses will need to decide if they need to appoint a DPO.

3.     Consent: This means that where a business intends to rely on consent for the lawful processing of personal data, they must be able to demonstrate that valid consent has been received from each individual whose personal data is being processed.

4.     Enhanced Rights for individuals: Under the GDPR, individuals have a right of access to their personal data, a right to rectify inaccuracies in their personal data, a right to have personal data erased in certain cases, a right to restrict processing of their personal data, a right of portability.

5.      Reduced time period for dealing with individual’s rights: When an individual makes a request (e.g. for access to their personal data), businesses must provide the relevant information without undue delay and within one month of receipt of the request.

6.     Obliging businesses to be clearer about how they use personal data: Businesses must be more transparent as to how they use personal data and so must now provide information to individuals about its processing of their personal data unless the individual already has this information.

7.      Data Protection Impact Assessment: Where the processing is likely to result in a high risk to the rights of individuals, businesses must carry out an assessment of the impact of the processing operations on the protection of personal data and must seek the advice of its DPO (if any) when carrying out a DPIA.

8.     Data Breach Notifications: When a personal data breach occurs, the business must (no later than 72 hours after becoming aware of it), notify the breach to the DPA unless the breach is unlikely to result in a risk to the rights of individuals. If the notification is not made with 72 hours, a reason for the delay must be furnished.

9.      Data Protection by Design and Default: The GDPR introduces the new concept of privacy by design and by default. This is intended to strengthen the protection of privacy by requiring businesses to build consideration of privacy into their product and service design processes.

10.  Right to Compensation for individuals: An individual who has suffered damage as a result of an infringement of the GDPR has the right to receive compensation from a business for the damage suffered. To avoid liability, a business will have to prove that it was not in any way responsible for the event giving rise to the damage. 

11. New obligations for processors: The GDPR strikes an even balance between controllers and processors by making them jointly and severally liable according to their respective responsibility for the harm caused by a breach of data protection law. 

12. Increased Penalties: The penalties for non-compliance with the GDPR have been increased.

13. Ability to appoint a Lead Supervisory Authority (LSA): Enforcement of the GDPR is the responsibility of the DPA (in Ireland this is currently the Data Protection Commissioner until it is replaced by the (yet to be established) Data Protection Commission). Each Member State will appoint one or more independent public authorities to be responsible for monitoring the application of the GDPR. Businesses must cooperate with the DPA on request.

source:

European Union. (2017). What are the key provisions of the General Data Protection Regulation? https://www.lexology.com/library/detail.aspx?g=5ae76660-9770-4718-9010-6657a9351496#:~:text=Under%20the%20GDPR%2C%20individuals%20have,right%20to%20object%20to%20data

 


Need a fast expert's response?

Submit order

and get a quick answer at the best price

for any assignment or question with DETAILED EXPLANATIONS!

Comments

No comments. Be the first!

Leave a comment

LATEST TUTORIALS
New on Blog
APPROVED BY CLIENTS