On the back of the data security and notifiable data breach laws that came into play earlier this year, many Australian businesses will soon face similar compliance requirements under the European Union’s General Data Protection Regulation (GDPR).
Despite the geographic divide, Australian organisations that offer goods or services in the EU, or that hold data on EU residents, will still be bound by the GDPR, which is set to come into force later this month.
Like the Australian Privacy Principles, the GDPR is designed to protect the data privacy of its citizens and ensure the responsible handling of private, personal information. However, there are some notable differences between the two sets of regulations, particularly pertaining to EU citizens’ ‘right to be forgotten’.
The OAIC have produced a useful fact sheet to help Australian businesses understand the differences and what their obligations are. Check it out here.
Also, don’t forget to check out Paul Turner’s message on the Zynet homepage regarding data security.