European Union is as understood by the name the union of Europeans. This union is between the 28 states of Europe.
The core purpose of this union is to pull closer these 28 countries in terms of politics and their economy. The economy is very important for a country and for countries in the European Union it has more importance as the world looks up to them.
The main purpose of this union back in the 1950’s was to get rid of wars.
They made a union of six countries which signed a treaty to help each other as one if war hits any of them.
this union then became political and economical when they started signing treaties on coal and power projects and later on Atomic energy.
The current office of EU is in the city of Brussels, Belgium. Now the question is how such a big political and economic union protects its privacy, how does the information about big projects like atomic energy and other power related projects and the personal information of their citizens are protected and kept as a secret between these 28 countries.
For this privacy, a General Data privacy law also known as the GENERAL DATA PROTECTION REGULATION LAW, it was made in the year 2016 and has been implemented to the Union this year in May.
This system was a replacement for the previous privacy maintaining system known as the Data Protection Directive.
Different proposals were given from 2010 to 2012 for the GENERAL DATA PROTECTION REGULATION LAW, and finally, it was made by Council of European Union and the European Parliament.
The new system controls the personal information to identified of European Union’s citizens. It has been implemented in this May with new strict rules and regulations for the people of these 28 states and their heads.
GENERAL DATA PROTECTION REGULATION LAW is made to protect the privacy breaching of these countries in terms of General information may it be political, personal or economical. If anyone tries to breach the system, then he is fined up to 20 million Euros that is a hell lot of amount.
GENERAL DATA PROTECTION REGULATION LAW for employees across these 28 states would be to making strict procedures in an organization while working with clients and their personal data and on the same lines for every citizen and organization.
GENERAL DATA PROTECTION REGULATION LAW has six basic principles that are as follows:
Lawfulness, fairness, and Transparency
The first principle says it all, all the data should be transparent and all the data subjects should be according to the GENERAL DATA PROTECTION REGULATION LAW.
To remain transparent one should declare the reasons for collecting data of a person or organization. You have to follow the privacy policies religiously.
Purpose Limitation
It says that organizations are allowed to collect only specific personal data after declaring the purpose of their collection.
That data should be protected when used and should be only used until the purpose of the collection is fulfilled and should not be kept further.
Data Minimization
According to the GENERAL DATA PROTECTION REGULATION LAW, the data collection should be minimized, and personal data must be collected specifically keeping in mind the purpose of the collection. This has two major benefits.
The first one is that in case of breach the information they’ll get would be minimum and will only have access to a limited version of data.
Secondly, it will help you to get accurate results as precise data makes you focus on that particular data.
Accuracy
The source of data must be accurate; the general data protection regulation laws urge that the accuracy of data is an essential part of data protection.
The general data protection law has stated that they would take every reasonable step to rectify and erase incomplete and inaccurate data.
Individuals can request the system to erase the data within a month.
Storage limitation
Organizations are ordered to erase data of individuals when it is no longer needed. Some of the lawmakers have set the time period of erasing as the time to which an individual is considered as your customer.if a company is confused in whether he should delete information or not it should consult a legal professional.
Integrity and confidentiality
The general data protection regulation laws have made it clear to all that any data collected should not be damaged or exposed to any other entity other than the one who has collected it for a set purpose.
The information should remain confidential and should not be used in any unlawful activity. The law has asked the organizations to encrypt the data with whatever best possible measures are keeping in view the changing technological society.
Now the question is how can this law be implemented and how can people and organization know about this law and how can they practice it. Well GPDR training is provided as a course to these organizations.
It is a one day course that guides managers about the complete introduction and implementation of this law in their organization. The training is very brief and easy and is given by the EU council’s professionals. It is highly recommended by the European Union to get the course done as it would help the data practitioners, managers and directors in understanding how general data protection regulation laws will help their company or their employees.
Today GDPR is in the news as it has shaken many of the great monsters that kept your personal data and used it in illegal practices. They may not be using it personally, but they cannot keep it safe and hence are responsible if the data is hacked. These monsters include Equifax and Google, Equifax has already been charged with over 500,000 Euros as a result of failing in protection of data and millions of personal data was breached.
The GDPR has also changed the exam and result processing and issuance system of students which has caused the examination bodies many difficulties and complexities, but it is for the good of all the European Union.