News archive
- Organi welcomes Chris Bro...
- Jobs: Organi is looking f...
- Day 2 @ EMEA PUG Challeng...
- Day 1 @ EMEA PUG Challeng...
- Organi @ EMEA PUGChalleng...
- Contest: 'Power in the wh...
- Organi @ AngularConnect 2...
- Social Media: Linkedin 'S...
- Customer in the picture: ...
- Organi @ Transport & Logi...
- Transport & Logistics 201...
- Win one week of free driv...
- Demo e-shop Verhelst at M...
- 40 years Organi: first ho...
- André Celis has been suc...
- 40 years Organi: a word f...
- 2017: 40 years Organi & D...
- Business-wide solution: i...
- 40 years Organi...
- Wijckmans NV works faster...
- Article: Transport Th. Wo...
- Organi integrates with IN...
- OLS Customs supports the ...
- Who's afraid of the baili...
- OLS linked to Pionira (e-...
- What you should know abou...
- Strategic seminar Bailiff...
- Strategic customer semina...
- Deactivation of the tempo...
- Organi appoints 3 new ...
- Electronic invoicing...
- Closing dates Organi...
- Audi Brussels relies on t...
- Video - Enterprise Mobili...
- Organi again recognized p...
- Organi recently joined Fe...
- Organi supports growth st...
- Organi at EMEA PUG Challe...
- Testimonial De Wilde & Ba...
- Case study Dikaioma...
- Organi hires 5 new employ...
- BSA audits regarding soft...
- CROS and electronic invoi...
- THE SOLAS AMENDMENT (Veri...
- Benefits of a digital arc...
- Insights Laboratorium Sme...
- Associate Member of Antwe...
- Organi exists 39 years...
- The upcoming Customs Legi...
- Mobile app automates serv...
- Organi participates in Pu...
- Verhelst Group carries bu...
- Innovation and the digita...
- Bailiff Robert Ronny...
- Save the date - 18 April ...
- TOLNatie makes the differ...
- Organi is the first IT co...
- Pieter Vandenbulcke appoi...
- Power Tools Distribution ...
- Integration of our first ...
- Stylin'Art optimises busi...

What you should know about GDPR
There is currently a lot to do about the new European privacy legislation, called the General Data Protection Regulation (GDPR) about the protection and exchange of personal data.
A brief summary of the current status.
GDPR in a nutshell
The EU General Data Protection Regulation or GDPR frameworke will replace the current Data Protection Act. As with most major legislative change it will not be enforced immediately and will likely become compulsory in May 2018. The main intent of the GDPR is to give individuals more control over their personal data, impose stricter rules to companies handling it and make sure companies embrace new technology to process the influx of data produced. Here are the major changes that are mentioned in this new legislation:
Making you as a company handle data with transparency, competency and accountability. Your customers should be able to easily find out, what data you have about them, how you use it, how you protect it, why you need it and who you might share it with. The legislation recognises the value of data, both in terms of personal privacy of your customers and data as a resource that can be bought and traded.
The aim of the new European Data Protection Regulation is to harmonise the current data protection laws in place across the EU member states. The fact that it is a “regulation” instead of a “directive” means it will be directly applicable to all EU member states without a need for national implementing legislation.
What are the major changes?
Here are the major changes that are mentioned in this new legislation:
Expanded territorial reach
Companies that are based outside of the EU, but targeting customers that are in the EU will be subject to the GDPR which is not the case now.
Consent
Consent of personal data must be freely given, specific, informed and unambiguous. Consent is not freely given if a person is unable to freely refuse consent without detriment.
Accountability and privacy by default
The GDPR has placed great emphasis on the accountability for data controllers to demonstrate data compliance. They will be required to maintain certain documentation, conduct impact assessment reports for riskier processing and employ data protection practices by default – such as data minimisation.
Notification of a data breach
Data controllers must notify the Data Protection Authorities as quickly as possible, where applicable within 72 hours of the data breach discovery.
Sanctions
This new legislation allows the Data protection Authorities to impose higher fines – up to 4% of annual worldwide turnover. The maximum fines can be applied for discrepancies related to international data transfers or breach of processing principles, such as conditions for consent. Other violations can be fined up to 2% of annual worldwide turnover.
Role of data processors
Data processors will now have direct obligations to implement technical and organisation measures to ensure data protection, this could include appointing a Data Protection Officer if needed.
Removal of notification requirement
Some data controllers will be glad to hear that the requirement of notifying or seeking approval from a Data Protection Authority is going to be removed in many circumstances. This decision is made to save funds and time. Instead of notification the new directive requires data controllers to put in place appropriate practices for large scale processing in the form of new technology.
Right to be forgotten
This change is one of the most useful changes for the average person managing their data protection risks. A person will be able to require their data to be deleted when there is no legitimate reason for an organisation to retain it. Following this is requested the organisation must also take appropriate steps to inform any third party that might have any links or copies of the data and request them to delete it.
This new directive has clearly been created acknowledging that people produce much more sensitive data than they have ever before. Managing data on a large scale can be risky for organisations if they do not plan out an appropriate strategy and update their systems to handle the influx. This kind of negligence can lead to data breaches or leaks.
To conclude...
As the new legislation is still unclear, we will be detailing helpful strategies and tips to help your company in order in the coming months.
To be continued.