Audit & Risk: Five key facts about the proposed EU GDPR

European regulators are serious about data protection reform. They’re inches away from finalising the General Data Protection Regulation (GDPR), which is a rewrite of the existing rules of the road for data protection and privacy spelled out in their legacy Data Protection Directive (DPD). A new EU data world is coming.

We’ve been writing about the GDPR’s long, epic journey over the past two years. But with the EU Council – the EU’s executive branch – approving its own version, the stage is set for a final round of discussions with the EU Parliament to split the differences. The GDPR will probably be approved by the end of 2015 (or early 2016) and go into effect in 2017. Organisations, including US multinationals that handle EU personal information, will soon be required to comply with tougher rules to prove they’re actively protect personal data. read more

Cindy Ng is a technology, business, and design hybrid. She currently writes for Varonis' Inside Out Security blog, covering data security and privacy.