GDPR comes into force in May 2018. Relevant key points and brief explanations:
1. Expanded scope
With the GDPR coming into effect, the location of a company becomes irrelevant; all organisations processing EU residents’ personal data have to comply.
2. High fines
In case of a GDPR regulatory breach, organisations can face fines of up to 4% of their annual global turnover.
3. Breach notification duty
In case of a security breach, it’s mandatory to send out notifications to healthcare organisations within the first 72 hours to make them aware of the breach.
Find key changes online.