Cyber Security

The General Data Protection Regulation (GDPR) is a Regulation that has caused a lot of confusion and panic since it was implemented in May 2018. I personally witness that confusion as some of the people I work with were confused, and didn’t really like the regulation. Universities are one of the entities that are affected by GDPR as some of their students and employees are from abroad. Universities are said to have three different groups, the students coming from abroad or attending a remote university abroad, employee for all employees who are E.U citizens, or work from abroad, and also marketing for anyone that interacted through the marketing website whose data was collected even if they are not a student or employees but are EU Citizens.

The GDR require breach notifications and states it as mandatory for members holding data to report any breach that risk peoples personal data, and the time is 72 hours after the breach is found/ identified. The right to Access enables people whose data is being processed to ask and know where and why their data is processing. The right to be forgotten, this gives the right to the data owner of requesting their personal data be erased, and ceased spreading / sharing data and halting any third party’s process as well. Data portability is the right to receive personal data they have submitted and conveyed it to another controller (person or entity that controls data, decides what is done with it).

Raths, D. (2018). What GDPR means for U.S. Higher Education, Campus Technology. Retrieved from https://campustechnology.com/Articles/2018/05/24/What-GDPR-Means-for-US-Higher-Education.aspx?Page=1

gdpr-info (2018). General Data Protection Regulation (GDPR): Final Text Neatly Arranged. Retrieved from https://gdpr-info.eu/