What is GDPR?
Making sense of the key data protection principlesAs you may have heard, the General Data Protection Regulation (GDPR) took effect on May 25, 2018. Many are wondering what GDPR is and how it will impact them. GDPR has been designed to provide individuals with greater control over how their personal data is collected, stored, transferred, and used, while also simplifying the regulatory environment across the European Union (EU). This new regulation impacts both organizations that conduct business in the EU, as well as businesses that maintain or process EU personal data. LogMeIn recognizes the importance of the evolving legal and regulatory landscape around information security and data privacy and remains firmly committed to GDPR readiness by no later than the effective date.
Some key GDPR principles to consider in implementation include:
- Integrity: Securing and safeguarding personal data using appropriate technical and organizational security measures.
- Lawfulness: Organizations must, among other things, ensure they have a legal basis for processing personal data, and process that data in a fair and transparent manner.
- Limited Use: Personal data may only be collected for specific, explicit, or legitimate purposes.
- Data Minimization: Only collect data that is relevant and necessary for its intended use.
- Accuracy: Personal data must be accurate and up-to-date.
- Storage Limitation: Subject to relevant exceptions, maintain personal data only for as long as is deemed necessary and reasonable.
NOTE: The above information is provided by LogMeIn for informational purposes only and is not intended to serve as legal advice. You should contact your attorney to obtain advice with respect to any particular GDPR question, issue or problem.