Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“Regulation”) will replace Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“Directive”).
The Regulation will be enforced after 25 May 2018, thus, entities are required to prepare for compliance by then.
The Regulation is directly applicable and effective in all member states of the EU. The purpose is to have standardised data protection laws throughout the Union. However, the Regulation allows members states to specify or supplement certain rules. Result: There will be no fully unified data protection regime in the EU but data protection laws of member states will be much closer to each other than under the Directive. (There may be more deviations as regards procedural
rules.)
Data controllers should get familiar with the provisions of the Regulation as soon as possible and this quick guide gives an overview of what they should bear in mind when preparing to comply with it.