The EU General Data Protection Regulation (GDPR) on 25 May 2018 ushered in a whole new era in global data protection and privacy in order to harmonise data protection laws across the EU and replace existing national data protection rules. With a diverse set of rules and regulations, it covers any company that collects and handles data of all European data subject if they are registered in the EU or not.
While trust in data security remains one of the most important aspects of cybersecurity, Data protection and privacy risks are just as high on the agenda. The Australian Information Commissioner (OAIC) has also recommended that Australian businesses should determine whether they need to comply with GDPR and if so seek legal advice regarding the steps required to ensure their personal data handling practices comply with GDPR.