General Data Protection Regulation (GDPR)

Assume you are an IT security specialist for a large U.S. online retail organization that does business internationally. Your CIO has asked you to thoroughly review the new General Data Protection Regulation (GDPR) recently implemented in the European Union. He wants to understand exactly what the organization must do to comply with this regulation when doing business with EU customers.

Provide a detailed discussion of the rules for businesses and the rights of EU citizens.

Include a discussion of the following:

What does the GDPR govern?
What rights do EU citizens have with regard to their data?
What is considered personal data under this regulation?
What is considered data processing under this regulation?
Describe the role of the data protection authorities (DPAs).
Discuss, in detail, how the GDPR will change business and security operations for your organization. Provide the CIO with a recommended checklist for GDPR compliance and discuss processes and policies that may need to be changed in order to comply with GDPR.

In your conclusion, address what you think will be the financial impact to the organization, both in terms of compliance and any lack of compliance.

“General Data Protection Regulation” (GDPR)

The European Union legislation called the “General Data Protection Regulation” (GDPR) provides data privacy protections for consumers and has had a major impact on companies around the world.

In your initial post, address the following as part of your response:

What are the general requirements and major impacts of the GDPR, and how does this law differ from data protection legislation in the United States?
How are companies outside of Europe affected by the GDPR?
How do perspectives on the GDPR differ between consumers and businesses? Do perspectives vary by industry?
Do you think there should be one data privacy law for the entire world? Balance your discussion by weighing the benefits to international companies with your knowledge of the differences in culture, politics, and government around the world and the importance of sovereignty of countries.

In your responses to two or more of your peers, use the following questions to guide your responses:

Consider how the principles of globalization can be applied to the harmonization of data privacy laws. Do you expect legislation similar to the GDPR to be passed by other countries around the world? Why or why not?
Do you agree or disagree with your peer’s opinion on whether there should be global data privacy legislation? Why or why not?
How could your response to the harmonization of data privacy laws apply to other regulatory areas (such as accounting)?