The EU General Data Protection Regulation (GDPR) applies as of 25 May 2018. The aim and objective of the EU General Data Protection Regulation is to protect the personal data of all persons who are located in the European Union. It specifies how the personal data of EU citizens must be handled by all enterprises, public authorities and organisations – regardless of where they are located – which collect, process and analyse their data. It strengthens the rights of all EU citizens in respect of their personal data and gives them more control over their personal data.
The EU General Data Protection Regulation means, first of all, a great deal of work for all veterinary practices, organisations and enterprises operating in the veterinary sector. In order to make it a bit easier for you to deal with the EU General Data Protection Regulation, we have summarised the most important changes contained in the GDPR and developed a guide for implementing the GDPR.
According to the EU General Data Protection Regulation, personal data is any information which, when correlated with a person, can provide insight into that person’s physical, physiological, genetic, mental, economic, cultural or social identity. These are general personal identifiers such as an individual’s name, date of birth and age, place of birth, address, email address or telephone number, identification numbers such as a passport number, national insurance number or tax identification number, banking information such as a person’s bank account number, account balances or credit card information, online data such as IP addresses or location data, physical characteristics such as sex, skin, hair or eye colour or clothing size, and ownership information related to property such as cars, real estate or vehicle registration plates. Employer or other references, income, assets and debts are also classified as personal data, as is all data which allows a person to be identified. Personal data concerning an individual’s sexual orientation, health status, political opinions, race or ethnic origin, trade union membership and religious and philosophical beliefs enjoys special protection.
Your employees, your customers and all other persons who you work with in veterinary practices, organisations and enterprises have the right to receive information about the nature and scope of the processing of their personal data. They can object to the processing of their personal data and request the alteration, restriction, transmission and deletion of their personal data. Furthermore, they can withdraw the declaration of consent they gave pursuant to data protection law at any time.
To enable you to more easily implement the extensive requirements of the EU General Data Protection Regulation concerning the collection, storage and use of personal data, we recommend the following steps: