GDPR (Copy) — Melius Group

GDPR

The most significant change in the retention, management and processing of data since 1986 and incorporating the huge changes in the way we deploy, use and store personal data in a business. Melius has experienced consultants who can assist you to make sure you are meeting these regulations

What is GDPR?

GDPR is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.

Principles of GDPR

There are 7 principles outlined by the GDPR which are listed in the text boxes below

1) Lawfulness, Fairness and Transparency

Personal data should be processed lawfully, fairly and transparently in relation to individuals

4) Accuracy

Data should be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay

2) Purpose Limitation

Data should be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

5) Storage Limitation

Data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed

3) Data Minimisation

Information should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

6+7) Accountability, Integrity and Confidentiality

Information should be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

Principles of GDPR

There are 7 principles outlined by the GDPR which are listed in the text boxes below

1) Lawfulness, Fairness and Transparency-

Personal data should be processed lawfully, fairly and transparently in relation to individuals

2) Purpose Limitation

Data should be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

3) Data Minimisation

Information should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

4) Accuracy

Data should be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay

5) Storage Limitation

Data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed

6) Integrity and Confidentiality

The principle of integrity and confidentiality requires you to handle personal data “in a manner ensuring appropriate security”, which include protection against unlawful processing or accidental loss, destruction or damage.

7) Accountability

The data controller or organisation are responsible for compliance with all of the above-mentioned GDPR principles, and most importantly you are responsible for demonstrating compliance if necessary.