United Kingdom

EU General Data Protection Regulation Game Changer

The European Union General Data Protection Regulation (EU GDPR) is set to come into effect on the 25th of May 2018 and will strengthen the rights of individuals online, while creating significant obligations for businesses operating in an increasingly connected world.

The regulation applies to information which directly or indirectly identifies an individual, including customer lists, contact details, genetic/biometric data, and online identifiers like IP addresses. While the EU GDPR builds on the prior EU Data Protection Directive, it brings significant changes in several areas. All organisations globally that process personal data either relating to the offering of goods or services, or the monitoring of activities of EU residents, will need to comply.

The new regulation will require organisations to strengthen existing controls, implement new processes and procedures, and document, embed and evidence them appropriately. Organisations will also have to consider the best ways of enabling individuals to exercise their rights surrounding their personal data and its use.

The EU GDPR is therefore a game-changer when it comes to the collection, processing and storage of personal data, and one with global implications. As such, organisations need to evaluate their existing position, prepare for the impending changes, and ensure their data protection systems are robust going forward.


“The European Union data privacy landscape is about to undergo dramatic change, with lasting enterprise wide implications for the way that organisations handle, protect and use the personal data of EU individuals. Organisations of all sizes, across all industries, and geographies that process personal data of EU residents need to take steps now to comply with the new EU General Data Protection Regulation by 2018, to satisfy management fiduciary duties and avoid potentially costly penalties.


Kevin P. Kalinich, Esq., Global Cyber Practice Leader, Aon Risk Solutions

Read our latest GDPR white paper to help fully understand your businesses GDPR risks

Adam Peckman

Global Cyber Risk Consulting Practice Leader

+44 (0)7803 695 386