The General Data Protection Regulation 2016/679 is a data-focused regulation in EU law that applies to business who operate within, or have customers within the European Union. GDPRS’s parameters for data protection mean customers in the European Union have more control over their personal data and businesses are put on a level playing field.
The GDPR is a set of rules about how companies should process personal data. It lays out a set of requirements that help ensure the privacy and protection persona data, gives data subjects certain rights to request or remove their data, and assigns powers to regulators to enforce these rules. There are ten key components to GDPR:
As a provider for many federal agencies, DOMA has already met or exceeded nearly all of of the GDPR standards. The only requirement left is to select a EU jurisdiction and Data Protection Officer (DPO) that operates within that area.
Until DOMA has a customer that requires us to define a jurisdiction, it is more sensible to postpone this final step. In this way, we can select the appropriate jurisdiction and a DPO that is local to that specific customer. This ensures that the DPO speaks the same language as our customer and can serve as an effective point of contact for guiding them through maintaining GDPR standards.
DOMA is prepared to quickly meet all of the requirements of GDPR, once this selection is made.