GDPR aide-memoire

Enforceable from 25 May 2018, the General Data Protection Regulation (GDPR) gives individuals more power over what people, public authorities, agencies or other bodies which process personal data can do with that data.

With its greatly increased maximum fines for non-compliance and tighter definitions for the acceptable use of personal information, it introduces a standard set of data protection principles throughout the European Union. Importantly, the scope is not just limited to the EU, but to any company or organization which stores or processes the data of EU citizens.

This guide outlines what it means for organizations and individuals, the steps required for compliance, and when a Data Protection Impact Assessment is required. It concludes with a glossary of commonly used terms, and an introduction to the tools from Redgate that can help to meet compliance.