![]() ![]() The GDPR further clarifies that information is considered personal data whenever an individual can be identified, directly or indirectly, “by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” ![]() ![]() In other words, personal data is defined as any information that is clearly about a particular person. It is up to organisations to correctly interpret the GDPR’s definition:Įrsonal data’ means any information relating to an identified or identifiable natural person (‘data subject’) The issue is that the Regulation doesn’t provide a definitive list of what is or isn’t personal data. Yet, we can understand why organisations continue to struggle with this aspect of the GDPR – particularly if they don’t have a dedicated data protection professional on their books. That’s a concern, because if organisations don’t meet their compliance requirements, they risk data breaches and disciplinary action. However, many organisations are still unsure exactly what ‘personal data’ is. Personal data is at the heart of the GDPR (General Data Protection Regulation). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |