THE GENERAL DATA PROTECTION REGULATION GUIDEBOOK: MAKING SENSE OF A COMPLEX NEW LAW
Understanding the new General Data Protection Regulation (GDPR) can be challenging. It’s a complex law with confusing language. Making matters worse, the law has a far reach and prescribes potentially hefty fines for non-compliance. Without understanding the basics of the law, it could be easy to make an unwitting mistake that could cost you.
For example, let’s say you use an IT software vendor that suggests their products can help you achieve GDPR readiness. It’s not necessarily bad to suggest that a vendor’s products and services can help, but it’s important to understand the facts around GDPR so you can distinguish fact from fiction. GDPR readiness is achieved by companies, not a single product. Organizations are ultimately responsible for their own GDPR compliance.
To help give you a clear understanding of key aspects of GDPR, we’ve put together the following guidebook. We’ll cover the key terms, ideas on how to evaluate data breach impact, and even provide some pointers on how to move toward GDPR readiness. But first, we need to explain what GDPR is and who it impacts.