This document summarizes the requirements for data protection in REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016.
The impact of these rules on a typical corporate identity and access management system are then explored.
The updated rules in EU 2016/679 take effect on 25 May 2018, replacing 95/46/EC (General Data Protection Regulation). As with 95/46/EC, the new rules are intended to not only protect the privacy of EU citizens but also to facilitate trade, through application of uniform rules across EU member states.
This document represents the views and interpretation of Hitachi ID Systems, Inc. It is not intended to replace legal counsel. Organizations subject to EU 2016/679 are strongly encouraged to seek legal advice regarding compliance, especially given the size of potential fines for non-compliance.