ABSTRACT

The General Data Protection Regulation (GDPR) is the latest European Union (EU) Regulation on data protection and privacy for individuals and came into effect on 25 May 2018. Like many pieces of legislation, GDPR can appear extremely complex at first glance, but it is based on the simple concept that every individual has a right to privacy and a right to decide what happens to their personal data. The GDPR in effect consolidates all the previous data privacy laws from across Europe. At the same time, it protects the privacy of individuals. The GDPR established the European Data Protection Board as an independent European body, based in Brussels, who are responsible for ensuring the uniformity of data protection rules throughout the EU and for promoting cooperation among the EU’s national data protection authorities. Data privacy is the branch of information security dealing with the proper handling of data concerning consent, notice, sensitivity and regulatory concerns.