The General Data Protection Regulation (GDPR), the European Union’s (EU) new data privacy law, takes effect on May 25, 2018 and will impact individuals, companies and institutions. For example, it strengthens individuals’ rights by introducing the right to erasure and data portability; requires companies to implement the principles of privacy by design and accountability; and gives EU data protection authorities stronger enforcement powers including the ability to impose fines of up to the greater of EUR 20 Million or 4% of global revenue. The implementation of these new regulations is expected to lead to better data privacy practices, benefitting both individuals and organizations and helping increase trust between them.
It is important to note that the GDPR not only impacts organizations located in the EU but also those organizations outside of Europe that offer products and services to EU residents.
Blackboard’s Multi-Layered Approach to Data Privacy
Blackboard welcomes the new regulations. For us, data privacy is of the utmost importance and we believe that it’s a human right. That’s why we have implemented several processes to ensure our clients’ data is protected.
The first is the creation of a dedicated Global Data Privacy Program, further enhancing our companywide documentation, systems, processes and global data privacy governance policies. The program includes product standards that support our clients with specific GDPR requirements such as transparency requirements and responding to requests from individuals to have access to their information and to have it corrected or deleted.
We also adhere to European data transfer compliance regulations by hosting our products regionally, leveraging our EU-US Privacy Shield certification and EU-approved model clauses to ensure that personal information of our clients and their learners is adequately protected when accessed from outside the EU.
Additionally, we have enhanced our client contract documentation with a GDPR-ready “data processing addendum” and further strengthened our vendor management and security controls to help ensure that personal information is adequately protected.
You can read our GDPR white paper, which provides an overview of the changes and myths around GDPR and more information on how our Global Data Privacy Program supports our clients. You can also find additional information in the Blackboard Community Data Privacy and Security group.