More than four years after the European Union started its journey toward new privacy rules, the EU Parliament adopted the final text of the new EU General Data Protection Regulation (GDPR) last week. The EU will complete the long and controversial process that led to the new rules next month, publishing the Regulation in the Official Journal of the European Union, but no changes can be made at this point. This leaves businesses with a two-year period in which to get ready for its implementation. Some EU countries, like France, will implement the new rules before 2018.

As a security and risk professional, you must start working now to assess what the new rules mean for your organization and make the necessary changes to technology, processes, and people. As you approach the task, keep in mind that the GDPR introduces important changes, such as:

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access