EU's General Data Protection Regulation (GDPR)

As records become increasingly digitized, many institutions hold highly sensitive personal information on their students, employees, and other individuals in digital form. As such, the need to protect data and privacy rights of individual is pressing. General Data Protection Regulation (GDPR) was introduced to specify how consumer data of citizens in the EU should be used and protected. 


Who is affected?

GDPR applies to all institutions involved in processing data about citizens in the EU, regardless of whether the organization is located within the EU. This regulation replaces Directive 95/46/EC.


Enforcement Date: May 25, 2018

Adopted by the European Parliament in April 2016, GDPR will be enforceable in May 2018. Non-compliant institutions face fines up to 4 percent of global turnover or €20 Million, whichever is higher.

GDPR explained in 3 minutes

Five important aspects of GDPR


REGULATION (EU) 2016/…
OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL


of

on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Resources



AACRAO Activities

2017
Date TBD - Building Awareness of the EU's EDPR, a Discussion Webinar
4 - National Association of College and University Attorneys (NACUA) Webinar



2018
25 - 28 Annual Meeting Session
25 - Enforcement begins
Last updated 08/08/2017