GDPR: European Data Protection
and the Path to GDPR Compliance
As a quick refresh, GDPR is a legal mandate that affects the way companies store and manage EU-based individuals’ personal data, including basic identity information, racial and ethnic origin, genetic and biometric information, and even their political opinions. It was designed to harmonise the patchwork of European data protection laws.
To comply with GDPR, companies need to inventory their personal data and ensure it is stored in a secure environment. They also need to determine who in their organisations needs access to which categories of personal data and put in place controls to manage that access. Businesses will have to start by searching for and accumulating all personal data they already possess and then storing it securely. Then they will need to design and update rules on how they manage such data.