Simply put, the GDPR is new privacy legislation. The GDPR strengthens the rights of EU residents to control how their personal data is handled. It ensures that the institutions and transparency of companies must be what data they collect, how they handle data, and how they use this data. The GDPR requires companies to take security measures and establish processes and procedures to properly protect data.
In summary, the GDPR comes down to the following:
- Enhanced citizens’ privacy rights
- Increase obligations for data protection
- Mandatory reporting of data breaches
- Increased fines for non-compliance