General data protection regulation

The 'General Data Protection Regulation' on the protection of natural persons with regard to the processing of personal data and on the free movement of such data is a landmark that will disrupt the rules in the world of data and the digital environment of businesses. Adopted on 27 April 2016, its provisions will be directly applicable in all Member States starting from 25 May 2018. The countdown is on. Both public and private enterprises need to get started now by knowing and understanding the obligations it creates and the innovative concepts it introduces (such as privacy by design, security by default, accountability, data protection officer) in order to be able to proactively grasp how it is going to impact their activities. The stakes are high and the risks are great for all organisations: harm to brand and reputation, misappropriation of trade secrets, data theft (not only their data but also those of their partners and customers) and civil and criminal suits, especially where their computer network has been hacked and used for unlawful activities.