Mihi
GDPR Cheat Sheet: Top 10 Things to Know

In April 2016, the European Union (EU) took a significant step towards increased data privacy and security for its citizens by passing the General Data Protection Regulation (GDPR) legislation. It is scheduled to go into effect on May 25th, 2018. Unlike the previous Data Protection Directive, the GDPR is binding for all 28 EU members and overrides any existing local laws.

At its core, the GDPR is a privacy protection law that gives all EU citizens increased rights over their personal data. It also empowers Data Protection Authorities (DPAs) to act on violations of the GDPR, so that non-compliant companies do not get off scot-free. The legislation has global implications: it affects not only EU companies but also companies with operations or business interests in the EU. The ‘cheat sheet’ below is an abridged version of the top 10 highlights, drawn from the official website, for global and EU-located companies to be aware of.

For Companies Headquartered Outside of the EU

Expanded Geographic Protection: The GDPR widens the territorial scope beyond that of the Data Protection Directive. The rules apply to companies regardless of their location if they process personal data of EU residents.

Strict Penalties for Violators: The GDPR has a built-in provision for imposing hefty penalties on violators. Penalties for non-compliance can reach up to 4% of the violator’s global annual revenue or 20 million Euros, whichever is greater. The new rules also force companies to demonstrate their compliance.

Tighter Data Transfer Regulation: The GDPR prohibits the transfer of personal data to a non-EU country without proper safeguards. In effect, if your headquarters are located outside the EU, you can no longer process or store personal information of your EU employees or customers. The only exception is if the individual agrees to a legally binding and enforceable contract, as per the GDPR guidelines.

Mandatory Breach Notification: The GDPR requires companies to notify their local DPA of any data breach. After the notification, the DPA investigates to determine whether the company is GDPR compliant.

Data Protection Officer (DPO): Multinational companies that process a large amount of data relating to EU residents will be required to appoint a DPO. The DPO must be independent and fluent in data protection law in order to ensure GDPR compliance.

For Subsidiaries Located in the EU

Consent Clause: Companies will be required to seek permission from EU citizens before collecting their personal data. The consent must be clear and unambiguous about the purpose for which the data is obtained, how it will be stored, and for how long.

Right to Be Forgotten: EU citizens can request that companies erase their personal data. All of that personal data must then be deleted from all of the company’s systems and from third parties.

Contracts and Vendors: The new regulations will force companies to review all service agreements and employment contracts with EU customers and employees. Local entities in the EU will also have to reassess third-party vendors to ensure the safety of their employees’ personal data.

Privacy Control Mechanism: The GDPR pushes companies to adopt ‘privacy by design’, which builds privacy control mechanisms into a process or system from the start rather than adding a protection layer later.

Employees Transferring Data: EU citizens will have the right to obtain and reuse their personal data across various services, and data controllers will have to provide the capability for individuals to transfer their personal information securely.

Do you have questions about getting GDPR compliant?

Get in touch with us at +1 (408) 703-0455 or info@mihi.com. If you don’t want to miss our articles, subscribe to our blog and we will send them directly to your inbox.

Tags: cheat sheet, consent clause, data breach, data privacy, data protection officer, EU, European Union, GDPR, privacy, right to be forgotten

Copyright © 2021 Mihi Software, LLC - All Rights Reserved.