{"id":2340,"date":"2017-06-27T12:00:01","date_gmt":"2017-06-27T10:00:01","guid":{"rendered":"http:\/\/honert-sy.sygnal.de\/?p=2340\/"},"modified":"2018-01-26T11:13:19","modified_gmt":"2018-01-26T09:13:19","slug":"the-requirements-of-the-new-general-data-protection-regulation","status":"publish","type":"post","link":"https:\/\/honert.de\/en\/the-requirements-of-the-new-general-data-protection-regulation\/","title":{"rendered":"THE REQUIREMENTS OF THE NEW GENERAL DATA PROTECTION REGULATION"},"content":{"rendered":"\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_section-6d8e29337fdd87ef7327b46eb1b48c39\">\n.avia-section.av-av_section-6d8e29337fdd87ef7327b46eb1b48c39{\nbackground-repeat:no-repeat;\nbackground-image:url(https:\/\/honert.de\/wp-content\/uploads\/3629.jpg);\nbackground-position:0% 0%;\nbackground-attachment:scroll;\n}\n<\/style>\n<div id='av_section_1'  class='avia-section av-av_section-6d8e29337fdd87ef7327b46eb1b48c39 main_color avia-section-default avia-no-shadow  avia-builder-el-0  el_before_av_section  avia-builder-el-first  hide_on_print avia-full-stretch avia-bg-style-scroll av-minimum-height av-minimum-height-40 av-height-40  container_wrap sidebar_right'  data-section-bg-repeat='stretch' data-av_minimum_height_pc='40' data-av_min_height_opt='40'><div class='container av-section-cont-open' ><main  role=\"main\" itemprop=\"mainContentOfPage\"  class='template-page content  av-content-small alpha units'><div class='post-entry post-entry-type-page post-entry-2340'><div class='entry-content-wrapper clearfix'>\n<\/div><\/div><\/main><!-- close content main element --><\/div><\/div><div id='av_section_2'  class='avia-section av-av_section-d18d8c2c81d10022ebd21ffa95322c35 main_color avia-section-default avia-no-shadow  avia-builder-el-1  el_after_av_section  avia-builder-el-last  avia-bg-style-scroll container_wrap sidebar_right'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-small alpha units'><div class='post-entry post-entry-type-page post-entry-2340'><div class='entry-content-wrapper clearfix'>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36\">\n.flex_column.av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36 av_two_third  avia-builder-el-2  el_before_av_two_third  avia-builder-el-first  first flex_column_div av-zero-column-padding  '     ><style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_heading-b86b03270ba54ebbf1ad9360461072a7\">\n#top .av-special-heading.av-av_heading-b86b03270ba54ebbf1ad9360461072a7{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-av_heading-b86b03270ba54ebbf1ad9360461072a7 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-av_heading-b86b03270ba54ebbf1ad9360461072a7 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-av_heading-b86b03270ba54ebbf1ad9360461072a7 av-special-heading-h1 blockquote modern-quote  avia-builder-el-3  avia-builder-el-no-sibling '><div class='av-subheading av-subheading_above'>27. June 2017\n<\/div><h1 class='av-special-heading-tag '  itemprop=\"headline\"  >THE REQUIREMENTS OF THE NEW GENERAL DATA PROTECTION REGULATION<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36\">\n.flex_column.av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36 av_two_third  avia-builder-el-4  el_after_av_two_third  el_before_av_two_third  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-av_textblock-35972167d9f102c5ddaec0c531c98b9e '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><strong>From May 2018 the General Data Protection Regulation (GDPR) applies, which standardizes and completely revises the data protection law within the EU. In this process the German data protection law, in particular the Federal Data Protection Act, is automatically superseded. The good news is that the European legislator followed German law in many aspects. The bad news, however, is that the GDPR significantly extends the duties for companies and at the same time drastically raises the fines for infringements. This means that data protection transforms from a \u201cnecessary evil\u201d into an \u201cexpensive evil\u201d.<\/strong><!--more--><\/p>\n<\/div><\/section><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36\">\n.flex_column.av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-av_two_third-9497bbf8bff73ea4c6992cc17fa9ec36 av_two_third  avia-builder-el-6  el_after_av_two_third  el_before_av_one_third  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-av_textblock-35972167d9f102c5ddaec0c531c98b9e '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The General Data Protection Regulation (GDPR) was passed in May 2016. Two years later, in May 2018, it will become applicable law. The advantages for cross-border businesses who have to deal with (to most extent) identical requirements regarding data protection within the EU come with the price of several changes of the current legislation and additional tasks to be fulfilled.<\/p>\n<h2>I. Severe fines<\/h2>\n<p>Before analyzing the details of the changes in content, their relevance will be emphasized by the amount of the newly implemented fines. While data protection was certainly regulated in many aspects, companies were likely to have dealt with this topic in the past mainly for marketing reasons and not for legal reasons, as the violations of data protection usually had smaller legal effects compared to the impacts on public perception. However, by the GDPR fines are established that reach the dimension of fines for violations of antitrust law: the competent authorities may impose fines in the case of breach up to EUR 20 million and\/or up to the amount of 4 % of the annual turnover. This is combined with a considerable reversal of burden of proof. In the case of data leakage or merely a complaint, the company affected has to be able to explain and document that it took all necessary steps to avoid data leakage. The company affected also has to be able to explain and document that it checked thoroughly if it really needs all the data collected. And the new requirements allow a wide range of potential breaches.<\/p>\n<h2>II. Ambit<\/h2>\n<p>The General Data Protection Regulation applies \u2013 like the current data protection law \u2013 for any data processing entity and therefore every company operating within the EU.<\/p>\n<h2>III. New requirements<\/h2>\n<p>First of all, every company affected has to develop a security concept, implement it and (this is important!) document it. In the case of data leakage, the company has to be able to demonstrate on the basis of records, reports, assessments or the like that it tried its best regarding data protection. Also, in the case of data leakage, the supervisory authority has to be informed within 24 hours. This requires the establishment of adequate procedures and structures. And from a serious interpretation of the wording of the law an e-mail being sent to the wrong addressee by mistake establishes a case of data leakage.<br \/>\nIn individual cases a so-called data protection impact assessment has to be made, documented and, in some cases, to be coordinated with the supervisory authority before starting particular data processing. This assessment is an early check of the necessity of the data collection and considering the interests of those involved. This concerns in particular situations in which the company intends to collect extensive personal data while the extensive scope is already considered achieved when the company asks for the usually required fields of a registration mask e.g. for a newsletter or a customer loyalty program to be filled in.<br \/>\nIT-systems, process sequences and default settings have to be set up in such a way that as little as possible data is collected (\u201cprivacy by design\u201d and \u201cprivacy by default\u201d). This again requires the collection of the necessary data, the consideration of the interests of those involved and \u2013 again \u2013 a detailed documentation.<br \/>\nThe GDPR provides a right to information for every party involved in data collection by companies. Companies have to be able to deal promptly with requests of information, which again requires the establishment (and also: documentation) of relevant processes. Otherwise it will be hardly possible to read all data actually stored about a person from the company\u2019s IT-system.<br \/>\nAny existing privacy statements have to be checked and, if necessary, amended in order to meet the new requirements.<\/p>\n<h2>IV. Implementation timetable<\/h2>\n<p>It is not a surprise that there are currently discussions about data protection. The requirements, however, are not clear even though an implementing law was passed by the German legislator at the end of April 2017. So the time period until May 2018 is rather short for implementing all requirements of the GDPR. Most companies may not like it, but data protection has to become a priority matter, in particular due to the impending fines. And even though the supervisory authorities will be busy with establishing the new competences during the first months of 2018, the 25 May 2018 should be borne in mind as a deadline.<\/p>\n<\/div><\/section><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_one_third-9deae2ff43582e0bccfb02cb654e15bd\">\n.flex_column.av-av_one_third-9deae2ff43582e0bccfb02cb654e15bd{\nborder-radius:0px 0px 0px 0px;\npadding:7px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-av_one_third-9deae2ff43582e0bccfb02cb654e15bd av_one_third  avia-builder-el-8  el_after_av_two_third  avia-builder-el-last  sy-only-desktop hide_on_print flex_column_div  column-top-margin'     ><p><div  class='avia-builder-widget-area clearfix  avia-builder-el-9  el_before_av_textblock  avia-builder-el-first '><section id=\"categories-3\" class=\"widget clearfix widget_categories\"><h3 class=\"widgettitle\">Newsletter issues<\/h3>\n\t\t\t<ul>\n\t\t\t\t\t<li class=\"cat-item cat-item-272\"><a href=\"https:\/\/honert.de\/en\/category\/2026-q1\/\">2026 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-267\"><a href=\"https:\/\/honert.de\/en\/category\/2025-q4-en\/\">2025 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-265\"><a href=\"https:\/\/honert.de\/en\/category\/2025-q3-en\/\">2025 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-263\"><a href=\"https:\/\/honert.de\/en\/category\/2025-q2-en\/\">2025 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-261\"><a href=\"https:\/\/honert.de\/en\/category\/2025-q1-en\/\">2025 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-254\"><a href=\"https:\/\/honert.de\/en\/category\/2024-q4-en\/\">2024 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-250\"><a href=\"https:\/\/honert.de\/en\/category\/2024-q3-en\/\">2024 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-242\"><a href=\"https:\/\/honert.de\/en\/category\/2024-q2-en\/\">2024 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-238\"><a href=\"https:\/\/honert.de\/en\/category\/2024-q1-en\/\">2024 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-227\"><a href=\"https:\/\/honert.de\/en\/category\/2023-q4-en\/\">2023 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-208\"><a href=\"https:\/\/honert.de\/en\/category\/2023-q2-en\/\">2023 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-206\"><a href=\"https:\/\/honert.de\/en\/category\/2023-q1-en\/\">2023 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-193\"><a href=\"https:\/\/honert.de\/en\/category\/2022-q4-en\/\">2022 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-184\"><a href=\"https:\/\/honert.de\/en\/category\/2022-q3-en\/\">2022 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-182\"><a href=\"https:\/\/honert.de\/en\/category\/2022-q2-en\/\">2022 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-177\"><a href=\"https:\/\/honert.de\/en\/category\/2022-q1-en\/\">2022 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-175\"><a href=\"https:\/\/honert.de\/en\/category\/2021-q4-en\/\">2021 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-173\"><a href=\"https:\/\/honert.de\/en\/category\/2021-q3-en\/\">2021 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-171\"><a href=\"https:\/\/honert.de\/en\/category\/2021-q2-en\/\">2021 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-169\"><a href=\"https:\/\/honert.de\/en\/category\/2021-q1-en\/\">2021 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-167\"><a href=\"https:\/\/honert.de\/en\/category\/2020-q4-en\/\">2020 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-162\"><a href=\"https:\/\/honert.de\/en\/category\/2020-q3-en\/\">2020 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-160\"><a href=\"https:\/\/honert.de\/en\/category\/2020-q2-en\/\">2020 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-158\"><a href=\"https:\/\/honert.de\/en\/category\/2020-q1-en\/\">2020 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-156\"><a href=\"https:\/\/honert.de\/en\/category\/2019-q4-en\/\">2019 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-150\"><a href=\"https:\/\/honert.de\/en\/category\/2019-q3-en\/\">2019 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-138\"><a href=\"https:\/\/honert.de\/en\/category\/2019-q2-en\/\">2019 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-140\"><a href=\"https:\/\/honert.de\/en\/category\/2019-q1-en\/\">2019 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-144\"><a href=\"https:\/\/honert.de\/en\/category\/2018-q4-en\/\">2018 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-146\"><a href=\"https:\/\/honert.de\/en\/category\/2018-q3-en\/\">2018 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-136\"><a href=\"https:\/\/honert.de\/en\/category\/2018-q2-en\/\">2018 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-128\"><a href=\"https:\/\/honert.de\/en\/category\/2018-q1-en\/\">2018 Q1<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-126\"><a href=\"https:\/\/honert.de\/en\/category\/2017-q4-en\/\">2017 Q4<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-116\"><a href=\"https:\/\/honert.de\/en\/category\/2017-q3-en\/\">2017 Q3<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-114\"><a href=\"https:\/\/honert.de\/en\/category\/2017-q2-en\/\">2017 Q2<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-142\"><a href=\"https:\/\/honert.de\/en\/category\/deals-en\/\">Deal Announcements<\/a>\n<\/li>\n\t<li class=\"cat-item cat-item-58\"><a href=\"https:\/\/honert.de\/en\/category\/uncategorized\/\">Uncategorized<\/a>\n<\/li>\n\t\t\t<\/ul>\n\n\t\t\t<span class=\"seperator extralight-border\"><\/span><\/section><\/div><br \/>\n<section  class='av_textblock_section av-av_textblock-35972167d9f102c5ddaec0c531c98b9e '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>More information on this topic<\/h2>\n<ul class=\"sy-list-margin\">\n<li><a href=\"\/?page_id=964\">Employment Law<\/a><\/li>\n<li><a href=\"\/?page_id=35\">Corporate Law<\/a><\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_hr-fb479b19f087d3def54096c70f7e0968\">\n#top .hr.hr-invisible.av-av_hr-fb479b19f087d3def54096c70f7e0968{\nheight:8px;\n}\n<\/style>\n<div  class='hr av-av_hr-fb479b19f087d3def54096c70f7e0968 hr-invisible  avia-builder-el-11  el_after_av_textblock  el_before_av_textblock '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-av_textblock-35972167d9f102c5ddaec0c531c98b9e '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Downloads<\/h2>\n<p><a href=\"#\" onclick=\"window.print();return false\">Print<\/a><br \/>\n\n\n\n\t<div class=\"dkpdf-button-container\" style=\" text-align:left \">\n\n\t\t<a class=\"dkpdf-button\" href=\"\/en\/wp-json\/wp\/v2\/posts\/2340?pdf=2340\" target=\"_blank\"><span class=\"dkpdf-button-icon\"><i class=\"fa fa-file-pdf-o\"><\/i><\/span> Download (PDF)<\/a>\n\n\t<\/div>\n\n\n\n\n\n<\/p>\n<\/div><\/section><\/p><\/div>\n<\/div><\/div><\/div><!-- close content main div --><\/div><\/div><div id='after_section_2'  class='main_color av_default_container_wrap container_wrap sidebar_right'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-small alpha units'><div class='post-entry post-entry-type-page post-entry-2340'><div class='entry-content-wrapper clearfix'>\n","protected":false},"excerpt":{"rendered":"<p>From May 2018 the General Data Protection Regulation (GDPR) applies, which standardizes and completely revises the data protection law within the EU. In this process the German data protection law, in particular the Federal Data Protection Act, is automatically superseded. The good news is that the European legislator followed German law in many aspects. The [&hellip;]<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"mc4wp_mailchimp_campaign":[],"footnotes":""},"categories":[114],"tags":[],"class_list":["post-2340","post","type-post","status-publish","format-standard","hentry","category-2017-q2-en"],"acf":[],"_links":{"self":[{"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/posts\/2340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/comments?post=2340"}],"version-history":[{"count":10,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/posts\/2340\/revisions"}],"predecessor-version":[{"id":3169,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/posts\/2340\/revisions\/3169"}],"wp:attachment":[{"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/media?parent=2340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/categories?post=2340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/honert.de\/en\/wp-json\/wp\/v2\/tags?post=2340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}