ABSTRACT

Chapter 1 gives a basic overview of the General Data Protection Regulation (GDPR), discussing where the legislation applies and who has to comply with it. The key concepts of lawfulness, fairness and transparency are outlined and the principles on which processing must be based are given. The chapter provides context by summarising the link to previous legislation, what the GDPR has changed and what the changes mean for businesses. Under the legislation organisations need to demonstrate their compliance; how to do this is discussed, and there is a section on the four things that organisations should do: understand the information, register with their Supervisory Authority, work out what their lawful basis is, and document their decisions. The two tiers of fines available for non-compliance are discussed and recent examples of data breach fines are given. The chapter concludes with a summary of ways businesses can reduce the risk of a data breach.