We live in a data-driven world. Everything you share online is processed and stored, whether you’re booking a flight or posting a photo on social media. Companies that handle data are responsible for keeping it safe. To ensure they’re held accountable, new global privacy laws have been passed — the most well known being the GDPR.
If you’ve tried to learn about the GDPR, chances are you’ve only encountered pages of confusing legal terminology. Although it’s a complex piece of legislation, its principles are easy for anyone to understand.
What is GDPR in Simple Terms?
GDPR stands for General Data Protection Regulation.
It’s a law created in the European Union (EU) to protect the personal data of its citizens. Although it was passed in Europe, it affects businesses worldwide.
When it went into effect on May 25, 2018, the GDPR set new standards for data protection and kickstarted a wave of global privacy laws that forever changed how we use the internet.
Needless to say, it’s a big deal.
Why Do We Need the GDPR?
Personal data is highly valuable — in fact, it supports a trillion-dollar industry.
Companies like Facebook and Google make their profits by selling personal information to advertisers. With this much money at stake, do you trust them to have your best interests at heart?
Didn’t think so.
The GDPR tells companies of all sizes what they can and can’t do with your information. If you know how this key piece of legislation works, you’ll have more control over your life online.
What Is Classified as Personal Data Under GDPR?
Personal data is information that can be used to identify you. Put simply, it’s any private details that you wouldn’t want to fall into the wrong hands.
Here are some examples of personal data:
Name / phone number / address / date of birth / bank account / passport number / social media posts / geotagging / health records / race / religious and political opinions
Think of personal data like a jigsaw. One piece alone might not say much, but connected together, the pieces reveal a vivid picture of your life.
What Is a ‘Breach’ Under GDPR?
Any incident that leads to personal data being lost, stolen, destroyed, or changed is considered a data breach. Unfortunately, breaches happen all the time.
Here are some newsworthy examples from before the GDPR started cracking down:
- Almost half the population of the US had their name, date of birth and social security number stolen from credit reporting agency Equifax as the result of a data breach.
- Political consulting firm Cambridge Analytica secretly took information from 50 million Facebook profiles and gave it to the 2016 Trump campaign.
Both of these incidents illustrate how data breaches have serious real-world consequences. This is the landscape that the GDPR and similar laws hope to regulate.

Key Takeaways: GDPR Explained in Under 5 Minutes
Here are our key takeaways from “What is GDPR?”:
- The GDPR is a game-changing new privacy law that regulates how companies handle our personal information
- It affects companies worldwide (including businesses in the US) that target customers in the EU
- Companies have to be clear about what they do with the information they collect
- If an organization breaks the rules, fines may be in the millions of dollars
- Internet users don’t have to do anything — but they do have new legal rights
- The GDPR is the first of these new laws, but there are plenty more to come
For more GDPR help, here are some useful resources:
- EU GDPR Homepage — The official GDPR website has plenty of useful information if you want to dig deeper into the legal side of things
- The ICO’s GDPR Guide — This UK authority’s guide is helpful for businesses in any country
DCM's Data Protection Training for Financial Analysts course
Our one-day Data Protection course gives learners awareness of data protection rights and responsibilities in line with the new GDPR so that they can protect the rights and privacy of individuals when handling sensitive personal data. This is a highly practical course: scenario-based exercises and group discussions will be used to highlight and reinforce best-practice techniques for handling sensitive personal data in the workplace.
Source: Termly

