General Data Protection Regulation (GDPR) Overview

In this article

The General Data Protection Regulation (GDPR) is a European Union (EU) law that focuses on protecting the privacy of personal data for all residents of the EU member states. GDPR demands that you are able to demonstrate compliance with its data processing principles. This involves taking a risk-based approach to data protection, ensuring appropriate policies and procedures are in place to deal with the transparency, accountability and individuals’ rights provisions, as well as building a workplace culture of data privacy and security.

Main requirements of GDPR


Personal data covered by GDPR

GDPR applies to personal data. This is any information that can directly or indirectly identify an individual and can be in any format.


Special Categories

The Regulation places much stronger controls on the processing of special categories of personal data. GDPR considers the following to be special categories of personal information.


University activities

With regards to how GDPR will affect how we do things at the university, here are examples university activities could be subject to GDPR.



Here are some articles about GDPR:

For more information about GDPR, please send an email to