What is data protection regulation (GDPR)
General Data Protection Regulation (GDPR) is a new data protection legislation within the EU aimed at imposing more stringent requirements on the handling of personal data. This applies primarily to organizations that collect, store and process personal data. The EU's new data protection regulation implies the mandatory application of new processes and procedures for safer data handling and sensitive information. Organizations that do not comply with the requirements risk including sanctions.
The main purpose of the new computer legislation is to increase citizens' rights and harmonize all EU Member States. The current 1995 data protection directive has a common ground in the European Union, but it is up to each state to implement the acquis. By implementing the new data protection regulation, the same law will apply in all EU countries. In Sweden, the EU's new data protection regulation will replace the Personal Data Act (PuL).
EU and data protection regulation
The new data protection regulation will apply immediately in all Member States on 25 May 2018.
GDPR imposes more stringent requirements on handling personal information and sensitive information.
Organizations that do not comply with the law may be forced to pay an administrative penalty.
