GDPR: Change to European privacy laws and its impact on Australian businesses

  • The European Union General Data Protection Regulation (the GDPR) contains new data protection requirements that will apply from 25 May 2018.
  • The GDPR applies to Australian businesses that are data processors or controllers with an establishment in the EU; offer goods or services to individuals in the EU or monitor the behaviour of individuals in the EU.
  • Australian businesses that operate in the EU or with customers in the EU should confirm whether they are covered by the GDPR, and if so, take the necessary steps to ensure compliance before commencement.

Map of Europe with EU flag pinned in the centre

The European’s Union General Data Protection Regulation (GDPR) imposes significant change to privacy laws in Europe and will apply and be enforced from 25 May 2018. Organisations that fail to comply with the GDPR face heavy fines up to €20 million or up to four per cent of global annual turnover, whichever is higher. The GPDR will have a global impact because it applies to businesses operating in the EU as well as businesses outside the EU that offer goods or services or monitor the behaviour of individuals in the EU. Businesses that are subject to the GDPR should assess their current information and privacy processes and governance structures, and take the necessary steps to ensure GDPR compliance.

This article is exclusive to Governance Institute members and subscribers.

To read the full article…

or Become a member