Loading…

EU privacy regulations' impact on information governance

The recent swift passage of the European Union General Data Protection Regulation (GDPR) -- a comprehensive update of its 1995 Data Protection Directive -- and the October 2015 EU invalidation of the US Safe Harbor Agreement, which had allowed US companies to self-certify that they provide adequate...

Full description

Saved in:
Bibliographic Details
Published in:The information management journal 2016-01, Vol.50 (1), p.20
Main Author: Schoch, Teresa Pritchard
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The recent swift passage of the European Union General Data Protection Regulation (GDPR) -- a comprehensive update of its 1995 Data Protection Directive -- and the October 2015 EU invalidation of the US Safe Harbor Agreement, which had allowed US companies to self-certify that they provide adequate protection for personal data transferred to them from other countries, have US organizations scrambling to determine what this means for the way they govern EU citizens' personal information. This article provides information about the new GDPR and the Safe Harbor Agreement invalidation that will help readers determine their course. The EU's recent activity related to personally identifiable information (PII) triple-underscores the need for organizations to improve their RIM programs. They must be able to: 1. Meet the requirements of protecting PII under the GDPR in the absence of Safe Harbor and producing PII under the Right to Be Forgotten. 2. Protect all data to prevent the catastrophic results of a data breach. 3. Defensibly dispose of data to reduce risks and costs.
ISSN:1535-2897