New European General Data Protection Regulation gets the green light

Published: Tuesday, 22 December 2015 08:37

Organizations based and operating in the European Union have a new compliance risk to prepare for, as the European General Data Protection Regulation passes its final hurdle.

Following extensive, multi-year negotiations the European Parliament and European Council have now reached an agreement on the new General Data Protection Regulation modernising a legal framework which dates back to the 1990s (source: ENISA).

The Regulation gives national competent authorities (DPAs) greater enforcement powers, strengthening their role, as well as reinforcing the rights of individuals with regards to data protection in the digital era.

According to the European Commission the main provisions of the European General Data Protection Regulation are:

Next steps

The European General Data Protection Regulation will now be ratified by the European Council, a step considered to be a formality. The next meeting of the European Council starts on February 18th 2016 and if ratification occurs at this meeting the Regulations are expected to come into force two years later.