What is GDPR?
The General Data Protection Regulation (GDPR) is an EU regulation designed to strengthen the rights of EU citizens. GDPR will replace the Swedish Personal Data Act (PUL) and will enter into force on 25 May 2018.
This law requires your organization to ensure that it fulfils obligations with respect to the following:
1. Sufficient awareness of the new EU data protection regulation
2. Knowledge about the types of personal data in the company’s possession
3. Rule regarding abuse
4. Release of data
5. Individuals’ rights and how you can ensure that you observe these rights appropriately
6. Legal support for management of personal data
7. Consent
8. Children’s information
9. Personal data incidents
10. Risks to personal integrity
11. Data protection in IT systems
12. Designation of an officer for data protection
13. International operations
The list is based on the requirements stipulated by the Swedish Data Protection Authority.
What happens if a company fails to fulfil GDPR obligations?
Violation of the GDPR can result in fines of up to four per cent of an organization’s turnover. It is therefore of prime importance to adhere to the GDPR and demonstrate that your organization takes the rights of individuals seriously – not only to avoid fines but also to prevent negative publicity and damage to your company.
For more information, please contact:
Erik Björhäll, CEO
Phone: +45 73 661 28 06
Do you need help? We support you to develop an action plan.