In this video, Mandy Huth defines six key terms related to GDPR. Learn the basics of data privacy, consent, personal data, processing, regulations, and directives.
- [Instructor] Because GDPR is so complex, a few definitions are in order. The first is data privacy. We expect privacy. We don't want our personal details everywhere on the Ethernet for people to see and view. Figuring out how that applies in such an interconnected world is very important to this regulation. Next is consent. Consent implies agreement. It implies that one has been informed, and it's okay to use our personal data in the way that we have specified.
An important note here is that consent can be revoked by the data subject at any time they wish. Next, we define what is personal data. Personal data is anything that makes one identifiable. These are things that are not easily changed about ourselves. An example of this in the United States is your Social Security number. An example in the European Union would be a national ID. Also included are names and emails.
Another important concept is if one can put multiple items together and figure out who someone is, it makes it personal data as well. For example, your address and your graduation year, or your doctor's location. If we can figure out who you are from that information, it makes it personal data. Next is processing. Notice that this is an action word. It has lots of implications. That's because all operations performed on your personal data are included under this definition.
It's very important as we scope our agreements that we understand what that processing is. Regulations and directives are common legislative terms, but they have special meaning under the GDPR. First, we'll talk about a regulation. This is a binding legislative act that covers all European Union member states. Once that rule is made, everyone follows that regulation in the same manner. That is different than a directive.
A directive is also legislation that sets goals that the European Union countries must achieve. However, each individual country can decide which laws to enact and how to enact them to reach that goal. We will touch on all of these concepts as we move through the course. These six definitions will come up consistently as we discuss GDPR, so make sure you understand them.
DISCLAIMER: Neither LinkedIn nor the instructor represents you, and they are not giving legal advice. The information conveyed through this course is not intended to give legal advice, but instead to communicate information to help viewers understand the basics of the topic presented. Certain concepts may not apply in all countries. The views (and legal interpretations) presented in this course do not necessarily represent the views of LinkedIn or Lynda.com.
- Define the objectives of GDPR relating to the personal privacy of citizens.
- Determine the responsibilities of data protection officers under GDPR.
- Identify the rights of citizens in the event of a data breach.
- Review the steps that must be taken in the event of a data breach.
- Describe the notification process in the event of a data breach.