GDPR for dummies.
GDPR is framework created by the EU to protect its citizens. One way to look at GDPR is through the example of a credit report. Many of us have had the frustrating experience of fixing our credit. Often times we have no control of who pulls our credit report or reports a negative hit to our report. Why was an item reported, was there due diligence before they added something to our credit? Then there is the problem of identifying WHO to speak with to remedy the situation. When it comes to credit, companies oftentimes require written forms of communication sometimes by mail where you never know what happens or if they will even respond.
GDPR tries to fix all these problems but for your digital footprint with a particular "website" or company. GDPR is a person's rights and a companies responsibility. It starts with elements of awareness, so the consumer knows what data is being requested and how it is being used. Next is the concept of being "forgotten" and lastly are designated entities to help you resolve issues relating to a compies GDPR policy and practices. There will certainly be challenges as GDPR is rolled out and adopted, but the end result is to care for and protect the consumer.
For companies, GDPR can be very taxing and complicated, but in the end, it will be an exercies that will bring the company to a more compliant state in terms of privacy and data security.