General Data Protection Regulation (GDPR) Handbook for Information Security Managers

Overview

Today’s organisations collect, analyse, and use the personal information of individuals, their family information, social media profiles, images and much more. Administrations, employers, and commercial enterprises are all responsible for the safe, confidential, appropriate handling of such personal data. Without adequate data security controls, personal privacy could be breached leading to prejudice suffered by individuals, loss of customer trust, and damage to the reputation and business of enterprises and organisations.

The European Union General Data Protection Regulation (EU GDPR) has been defined to give EU citizens control over their personal data and simplify the regulatory framework for international businesses and organisations to operate in the EU. It replaces the Directive 95/46/EC of 1995.