10 Questions
When did the General Data Protection Regulation (GDPR) come into force?
May 2016
What does the GDPR require in terms of personal data?
It should be purchased lawfully
What is the role of the European Data Protection Board under the GDPR?
To issue opinions and guidance
What are the potential fines for breaches of the GDPR?
4% of annual turnover or €20 million
Which legislation is currently in effect for data protection in the EU?
The Data Protection Directive of 1995
What is the main change regarding accountability under the GDPR?
Data controllers must maintain a written record of their data protection activities
What are the enhanced rights for data subjects under the GDPR?
All of the above
What is the role of the European Data Protection Board under the GDPR?
To issue opinions and guidance to ensure the consistent application of GDPR
What is the new requirement for notifying breaches under the GDPR?
Notify the relevant Data Protection Authority 'without undue delay'
What is one of the key principles of data protection legislation and good practice?
Processing personal information only for legitimate organisational purposes
Study Notes
GDPR Overview
- The General Data Protection Regulation (GDPR) came into force on May 25, 2018.
Personal Data Requirements
- GDPR requires that personal data be processed lawfully, fairly, and transparently; collected for specific, explicit, and legitimate purposes; and be adequate, relevant, and limited to what is necessary.
European Data Protection Board
- The European Data Protection Board (EDPB) is responsible for ensuring consistent application of the GDPR across the EU, issuing guidelines and recommendations, and promoting cooperation among supervisory authorities.
Fines for Breaches
- The GDPR imposes fines of up to €20 million or 4% of a company's global annual turnover for breaches, whichever is greater.
Current Data Protection Legislation
- The GDPR is currently in effect for data protection in the EU.
Accountability
- The GDPR introduces a new principle of accountability, which requires organizations to demonstrate compliance with the regulation, including implementing appropriate technical and organizational measures.
Enhanced Rights for Data Subjects
- Under the GDPR, data subjects have enhanced rights, including the right to be informed, access, rectification, erasure, restriction of processing, data portability, and objection to processing.
Notifying Breaches
- The GDPR introduces a new requirement for notifying breaches to the supervisory authority within 72 hours of becoming aware of the breach, and to the affected data subjects without undue delay.
Key Principles of Data Protection
- One of the key principles of data protection legislation and good practice is that personal data should be processed lawfully, fairly, and transparently.
Test your knowledge on the GDPR with this informative quiz. Learn about the background of the GDPR and what you need to know about EU data protection legislation.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
