What is it?
The GDPR may sound like any other acronym, but it will be a game changer as of May 25, 2018. GDPR stands for General Data Protection Regulation and refers to a regulation passed by the European Parliament, the European Commission, and the Council of the European Union. Set to go into effect on May 25th, 2018, the GDPR will replace the Data Protection Directive of 1995.
The Directive allowed each EU member state to interpret The Directive and make their own laws based on that interpretation. This lack of uniformity created 28 different sets of data protection laws, one for each member state based on their intrepretation. The GDPR will standardize the control and processing of personal data of EU residents in the EU and around the world.
The new set of laws applies to all companies that either: (a) offer goods and services to EU residents; or (b) have employees residing in the EU; or (c) monitor the behavior of EU residents. According to the European Commission’s press release, “personal data is any information relating to an individual, whether it relates to his or her private, professional, or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address." In addition, it includes your work information such as work email.
The GDPR will also encompass the need for both the personal data controller and processor to be directly liable for failure to safely and securely handle personal data of EU residents. The Controller is the person, public authority, agency or any other body which alone or jointly with others determines the purpose and means of processing personal data. The Processor can be a person, public authority, agency or any other body that processes personal data on behalf of a controller.
When you consider all the different companies this regulation affects, many believe the GDPR will become the “gold standard” for global businesses relative to the privacy and security of personal data. Even if a business merely stores the personal data of an EU resident they are required to comply with the GDPR. Most, if not all, companies will be pulled into the net, as experts often describe this Regulation. Many experts also believe that other countries will adopt similar regulations to emulate the GDPR to protect their citizen's data as well.
For many companies, including Dwellworks, adjusting processes and procedures to comply with the GDPR will be a focus in the year to come. Since we recognize the changes that Dwellworks must make, we started working on GDPR compliance issues in 2016 and are working with third-party experts to assure compliance in advance of May 25, 2018.
We recognize that to manage the services we provide to the relocating employees of our clients we must be compliant with all laws and directives regarding the handling of personal data. In today’s world of rampant identity theft, hacking, massive security breaches, and the expanding body of aggressive laws to protect personal data, Dwellworks is committed to doing our part to keep personal data secure.
Involved in relocation? Learn more about Dwellworks Destination Services here!