
What is GDPR, and how to be compliant?

2 October 2018 - 15:54

GDPR, or General Data Protection Regulation, has been in force in the European territory since May 25th 2018. This new legislation aims to reinforce the protection of our private lives through a strict and constraining framework that companies gathering information on their users must obey.

GDPR in practice

Based on the notion of ‘private data’, GDPR provides a series of principles that companies active in Europe, whether they are based there or not, need to follow. For example, they need to be transparent with users about the type of data they gather and the reasons why they gather it.

They also need to ensure the transferability of personal data, meaning that the user needs to be able to receive all his personal information in a comprehensive and easy-to-read format. Likewise, the user needs to be able to request the deletion of his personal data at any time, and the company needs to satisfy this request as soon as reasonably possible. Finally, companies are obliged to inform their users in case of a data breach. If GDPR is not respected, the company risks significant fines that are proportional to its turnover, or to the turnover of the group if it is an affiliate.

Even if the reasons for implementing GDPR are well founded, this new framework does require some adaptations. All these measures have an impact on the way data can be gathered, treated and used.

The’ experts can help you with understanding the ins and outs of this regulation and the consequences for your product or your company.

Make an appointment for a GDPR session