Background

The GDPR has introduced stricter and more substantive requirements for organisations that process data. Meanwhile, it affords a number of data rights to citizens that organisations are obligated to facilitate. Not doing so, presents the potential for huge fines. In this chapter, the changes made by the GDPR are highlighted. These are contrasted with what the current practice of exercising data rights looks like.