
What companies need to know about EU data protection regulation

Friday 15 April 2016 00:22 CET | News

The EU adopted legislation on data protection on 14 April, under which companies could face huge fines for breaching the new law.

Data protection errors will be far more expensive than before. Companies that do not comply with the strict new requirements will face fines of up to 4% of their global revenue for the previous year, or EUR 20 million, whichever is greater.

Companies will have to appoint a special data protection officer if they are handling a significant amount of sensitive data or monitoring the behaviour of many consumers. Under the new legislation, companies must keep track of personal data in auditable ways and provide breach notification within 72 hours.

The new rules will essentially give individuals greater control over their personal data. This means that when an individual no longer wants their data to be processed, and provided there are no legitimate reasons for retaining it, they can ask the company to erase it. This extends to internet companies storing our data, so someone can technically ask Facebook to erase their profile along with all the data that it has gathered while they were using it.

The law applies to all companies conducting business in Europe, regardless of where the companies are based. This means a single set of rules will replace the current patchwork of national laws, making things clearer for both businesses and consumers.

The regulation will enter into force 20 days after its publication in the EU Official Journal. Its provisions will be directly applicable for all member states in two years.

