General Data Protection Regulation (GDPR) Compliance
The General Data Protection Regulation (GDPR), which formally took effect May 25, 2018, is intended to affect organizations worldwide, including universities. The GDPR:
- Replaces the Data Protection Directive 95/46/ec as the primary law regulating how companies and organizations protect the personal data of European Union (EU) residents.
- Expands personal privacy rights for EU residents and also affects non-EU citizens located in the EU.
- Mandates a baseline set of standards for organizations that handle certain personal and other data of individuals located in the EU to better safeguard the processing and movement of that data.
- Applies to institutions with no physical EU presence if they control or process covered information (irrespective of whether the subject individuals are EU citizens).
- Calls for fines of up to 4% of annual global turnover, or 20 million euros, whichever is more, for violations of the regulation.
PVAMU GDPR Compliance Program
Prairie View A&M University is developing a GDPR compliance program. The University Privacy Officer and the Office of General Counsel have convened a working group with representatives from across the university. The GDPR team is working to develop a risk-based GDPR compliance strategy and develop recommendations for an ongoing, sustainable GDPR compliance program.
Learn more about the GDPR and its impact on PVAMU at GDPR Frequently Asked Questions.
See the GDPR Project Kick Off Slides for a list of working group members and the initial plans for developing the program.
What You Can Do
You do not need to do anything immediately. It will take some time for organizations around the world to sort through, understand, and determine the implications of the GDPR requirements, as well as figure out how best to meet them. If you plan to travel to any EU countries, perform research on any individuals located in the EU or engage in business with a company in the EU, please contact PVAMU Data Protection Officer, Whitney Glenz (email@example.com, 936-261-2126).