General Data Protection Regulation (GDPR), what do you need to know?
Data Protection is about your fundamental right to privacy, including how your personal data is collected and processed. During the course of a normal working day we may access, store, edit or disclose personal data relating to staff, students, patients or research subjects. We have a duty to keep these details private and safe.
The new EU data protection law, which governs acquisition, processing, storage and erasure of personal data is effective from May 25th 2018.
The principles of GDPR are similar to current data protection principles, but with added detail and a new Accountability principle. Accountability means demonstrating how we comply with data protection. There will also be tough penalties for non compliance – up to 4% of annual turnover or €20m.
So, start thinking about and documenting why you are collecting personal data and do you have the individual’s consent? Is it stored securely and when will it be deleted?
If you have any queries, please contact Dónall King DPO or email dataprotection@rcsi.ie
You can access the RCSI GDPR training course here.