South African Presentations

The European Union - General Data Protection Regulation (EU GDPR) applies to all organisations worldwide that process personal data of European Union citizens. The European Union’s new data protection regulation is complicated and there are key facts you and your institution need to know now, because it comes into force in early 2018. The GDPR applies to all companies worldwide that process personal data of European Union (EU) citizens. This means that any company that works with information relating to EU citizens will have to comply with the requirements of the GDPR, making it the first global data protection law. Amongst other requirements, the GDPR (1) tightens the rules for obtaining valid consent to using personal information; (2) makes the appointment of a Data Protection Officer mandatory for certain organisations; (3) requires data controllers to conduct Privacy Impact Assessments (PIAs); (4) defines data breach notification requirements; (5) requires organisations to not hold data for any longer than absolutely necessary, and not to change the use of the data from the purpose for which it was originally collected, while – at the same time – they must delete any data at the request of the data subject.