Strategy and Solution to comply with GDPR : Guideline to comply major articles and save penalty from non-compliance

Abstract

General Data Protection Regulation (GDPR) is no more buzz word and it sets new standard on security across globe. Every organization who deals with data started doing self-assessment to check how it has impact on their business and what are all the ways they can prepare themselves to comply with GDPR. Since 1995, Europe Union (EU) followed "Data Protective Directive" (Directive) on Data privacy. Fourth Industrial Revolution (4IR) has range of new technologies covering digital, artificial, biological and big data and impacting all discipline from aeronautical to economies and industries. Because of fast-moving technology and transformed individual and business behaviors, directive is outdated and is replaced with the General Data Protection Regulation (REGULATION (EU) 2016/679) Compared with Directive, GDPR is most ambitious one and it covers more operators under this act. The regulation completely changes the groundwork for how organizations can manage personal data of EU citizens. GDPR gives more control on Personally Identifiable Information (PII), Protected Health Information (PHI) or other sensitive information and imposes new rules on organization who manage and process PII or PHI. Objective of this white paper is to give broad overview of forthcoming GDPR and it doesn’t focus on legal clause or penalty details. This covers the difference between Directive and GDPR, who are all covered under these new regulations. This also gives idea about consequences of the GDPR if an organization don’t comply with GDPR and how organization to prepare themselves so that they can continue their business as usual without any impact and guide to avoid data breach and penalty.