The European Union Data Protection Regulation (GDPR) will enter into force on May 25, 2018. It is also a matter of curiosity how this guidance, which has been discussed by security experts since the second quarter of 2016, will benefit. What is GDPR? What will be the results? What are the benefits to business?
Since the new guideline is user-centered, all the materials you have been created with the user in mind. In other words, we can say that the directive is designed for users. In GDPR, the user is called the “related person“. You, me and everyone else, are our own personal representatives.
In previous privacy guidelines, the focal point was the business or business processes that were processing personal data. Through these guidelines, the rules were set as to how much of personal data would be kept and what it could do. In GDPR, the focal point is drawn with a definite line on which the rights of the user himself / herself will be directly owned. Everyone who processes personal data has to make sure that the person concerned is watching the rights. So, with GDPR, we can say that the other side of the medallion is gone.
Together with GDPR, the definition of personal data was revised and revised. Now, even the slightest data belongs directly to a living person, this data is now expressed as personally identifiable information (PII). It is envisaged that those who deal with data mining and Big Data applications will also enter into a big struggle for sharing or combining data from different sources.
In order to collect, store and process information about the person concerned, it is first necessary to clearly state for what purpose and for what purpose this information will be handled. If the purpose changes, the person concerned needs to re-achieve. Moving from here, all companies in Europe will have to do a thorough review of how to use this data before proceeding with personal data.
Although there are a variety of technical tools available on the market to assist in the processing of personal data and to automatically categorize and categorize the data, another important requirement is to get support from experts in GDPR compliant processes. At this point, not only the use of technical tools is sufficient, but supervision by authorized persons is another important issue.
Routine transactions, security policies and the objectives of the operator need to be revised. Apart from this, the managers, the employees need to be educated in this regard. Apart from all these, every process to be done and done must be properly documented. If this documentation is also GDPR compliant, it should clearly state how users’ data will be processed.