GDPR Compliance Requirements

GDPR:
The General Data Protection Regulation (GDPR) is a law enforced by Europe for the sake of data
protection. The type of data in question is personal data. So, what is personal data?
Personal data is the private and sensitive information of an individual, which is used by the
government assets under a strict guideline that no chance of mistake is allowed. This information
is used only for certain purposes, which are new and do not match the old
purposes. The General Data Protection Regulation helps different organizations in their work
while keeping them within certain limits. Further policies and laws govern the GDPR, which helps these
organizations. GDPA was an act released in 2018 with the act of 1998 in mind. It
was pretty similar to that act; however, a few amendments were made.

The GDPR works mainly with two terms: the controller and the processor. The processor is the reason for
the personal data, while the purpose of using this personal data is known as the controller. In a
processor, the legal obligations are followed by the people under certain laws, while control is free of
legal obligations. These terms are used by the organization.

There are several principles of GDPR, which are also known as its requirements. They are made
according to the laws and policies. There are 7 principles in total. The following are the
requirements of compliance:

• Fairness, lawfulness, and transparency
• Limitation of Purpose
• Minimization of data
• Accuracy
• Limitation of storage
• Confidentiality and integrity
• Accountability

Lawfulness:
The first requirement is lawfulness, transparency, and fairness, widely known as the requirement of
lawfulness. Under this principle, the lawful basis is always considered and identified; without it, the
requirement cannot be achieved. Unlawful matters are avoided and only
fairness is applied. Processing that affects individuals is noted, along with the justification of its impact. It is
highly required that the personal data of people be used as they expect, and not in an
unexpected way, which would count as an illegal activity. This can lead to people being misled.
Transparency is encouraged. The data, as well as the processing, should always be clear. However,
there are certain limitations in this requirement. The limitation of purpose means that the
purpose should be clear and new and does not match the old one. In this way, the requirement of
lawfulness is fulfilled.

Lawful Basis:
There are 6 different lawful bases explained in the act of GDPR.

• Consent
• Contract
• Legal obligation
• Public task
• Vital interest
• Legitimate interest

Minimization of data:
In this requirement, the data is said to be adequate, limited, and personal. The purposes are
specified in this task. However, sufficient personal data is used to fulfill the purpose. It is important
to erase and delete unwanted data from personal data to avoid excessive data. Some opinions
support minimization by clear goals. These are not included in the facts.

Accuracy:
In each step of processing personal data, there must be accuracy in the tasks involved. Several
processes are used for managing accurate data at the right time. Mistakes are highly discouraged
because of the rights of the individuals. However, they might face various challenges.

Storage Limitation:
In this requirement, it is important to note the time for which personal data has been held or will be
held. There are retention periods as well, which can be used according to the
length of the purpose. There are certain policies through which retention can be managed over time. Again,
excessive data is erased and made anonymous.

Confidentiality and integrity:
This requirement concerns the securing of personnel. It is a very sensitive requirement of providing security for
the personal data of users. A policy known as the information security policy governs this
requirement. The use of encryption is highly encouraged in this requirement. Security is a must
when we are talking about personal data.

Accountability:
The person who uses the information of personnel should be held accountable for his work. It is
also necessary to be accountable for complying with the other requirements regarding personal data. There
must be data protection policies as well. Therefore, evidence should also be given of the steps involved
in processing.

Rights:
There are 8 different rights of personal data usage. These rights also govern the requirements,
which is why they are mentioned here. They are made specially for the protection of
people's personal data. They are the following:

• Access
• To be informed
• Rectification
• Data portability
• Restriction of processing
• To erasure
• To object
• Automated decision making
