The GDPR means that organisations must significantly change the way in which they protect and process personal data. Organisations must introduce “appropriate technical and organisational measures” to protect personal data – that is, “privacy by design”, with data privacy and security taken into consideration from the start.
Author/s: David Norfolk
