What is GDPR and how does it affect EDI?
GDPR, or the General Data Protection Regulation, replaces the current UK Data Protection Act with a European wide set of rules that all companies within the EU have to adhere to.
There isn’t a huge difference between the GDPR rules and the current DPA rules. There is a difference in terminology and XEDI have gone above and beyond the requirements by building GDPR rules into the core of the system itself.
How do we define the different elements of GDPR?
There are 7 definitions within GDPR to describe the areas covered. Let’s dive straight in with a quick overview of these definitions.
Processing
Processing is any operation performed on personal data. This can be automated processing by digital systems, or manual processing. This covers collecting, using or recording personal data.
Profiling
This refers to a living person. They can be identified directly or indirectly by reference to an identifier. An identifier could be a name, ID number, location data, online identifier or other factors like physical appearance, physiological, genetic, mental, economic, cultural or social identity.
A Natural Person
This refers to a living person. They can be identified directly or indirectly by reference to an identifier. An identifier could be a name, ID number, location data, online identifier or other factors like physical appearance, physiological, genetic, mental, economic, cultural or social identity.
Personal Data
Personal data is any information related to a natural person or ‘Data Subject’ that can be used to identify the person either directly or indirectly
Controller
This refers to a living person. They can be identified directly or indirectly by reference to an identifier. An identifier could be a name, ID number, location data, online identifier or other factors like physical appearance, physiological, genetic, mental, economic, cultural or social identity.
The Processor
This refers to a living person. They can be identified directly or indirectly by reference to an identifier. An identifier could be a name, ID number, location data, online identifier or other factors like physical appearance, physiological, genetic, mental, economic, cultural or social identity.
Supervisory Authority
This refers to a living person. They can be identified directly or indirectly by reference to an identifier. An identifier could be a name, ID number, location data, online identifier or other factors like physical appearance, physiological, genetic, mental, economic, cultural or social identity.