Posted on

1 Year On – A GDPR Review

Back on the 25th May, the European Union saw the first year of it’s General Data Protection Regulation come and go. This regulation has been one of the most vital changes in data privacy in the last ten years; changing the way that every single business handles personal data, among other things.

With the introduction of GDPR, many were confused. The regulation seemed difficult for many to fully understand, especially those who were not well-versed with personal data or the kinds of records that companies were legally able to keep. GDPR enabled the everyday member of the public to have a say in their personal data and refuse to give permission for any company to hold their details.

Understanding What GDPR Is

This subject has been covered time and time again, but for any that are still uncertain, we’d like to take some time to summarise what GDPR is. The regulation is complicated, that’s for sure, but it’s not impossible to understand. GDPR isn’t a complicated IT problem, and for individuals who have regained control of their data, it is the best thing to happen in a long time.

GDPR, or “General Data Protection Regulation”, is a regulation that purely protects and empowers EU citizens and their private data. Any EU citizen has the right to ask a company to delete their private and personal data, and they are legally required to do so.

The goal of GDPR is to ensure that any personal data is not misused – such as for things like cold calling. The regulation protects all EU citizens, even if the company is outside of the EU but holding the data of an EU person.

Businesses Have Struggled To Implement GDPR

Many organisations were not prepared for the new regulation to be put in place and were delayed in putting together the proper procedures to be compliant. There were a number of compliance issues in the early days of GDPR, and even now, not all businesses are fully compliant. A large amount of the organisations that are not compliant are in that state because they believe that the regulation does not apply to them. But it applies to everyone.

Lack Of Compliance Has Not Led To Overpowering Fines

One of the major worries of businesses around the world was that if they were found to not be compliant, they would be hit with a fine so large that they would go under. Small to medium businesses, in particular, seemed concerned. But most investigations have resulted in no such fine, rather, a chance to change.

The People Know Their Rights

GDPR has led to a plethora of people coming to fully understand their privacy and data rights. When you consider that the regulation was put in place to aid the people in their desire for more privacy, GDPR has more than done its job. The individuals of today know more than ever about their data and how that personal data is processed in the business world.