Browse Definitions:
Definition

EU Data Protection Directive (Directive 95/46/EC)

EU Data Protection Directive (also known as Directive 95/46/EC) is a regulation adopted by the European Union to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using or exchanging such data.

The EU Data Protection Directive is based on recommendations first proposed by the Organisation for Economic Co-operation and Development's (OECD). These recommendations are founded on seven principles:

  • Subjects whose data is being collected should be given notice of such collection.
  • Subjects whose personal data is being collected should be informed as to the party or parties collecting such data.
  • Once collected, personal data should be kept safe and secure from potential abuse, theft, or loss.
  • Personal data should not be disclosed or shared with third parties without consent from its subject(s).
  • Subjects should granted access to their personal data and allowed to correct any inaccuracies.
  • Data collected should be used only for stated purpose(s) and for no other purposes.
  • Subjects should be able to hold personal data collectors accountable for adhering to all seven of these principles.

The Data Protection Directive is superseded by the General Data Protection Regulation (GDPR), which was adopted by the European Parliament and European Council in April 2016 and will become enforceable in May 2018. The new regulation expands upon previous requirements for collecting, storing and sharing personal data and requires the subject's consent to be given explicitly and not checked off by default. 

This was last updated in January 2008

Continue Reading About EU Data Protection Directive (Directive 95/46/EC)

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Why did the EU take so long to update data protection laws when the world has changed so much?
Cancel
European laws have no bearing on US law. This is being promoted by security companies to generate revenue for new services and products. The only companies that can be penalized for failure to comply are companies with a global footprint in Europe or companies that exist in Europe.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

SearchSecurity

  • evil maid attack

    An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.  An evil ...

  • Common Body of Knowledge (CBK)

    In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional ...

  • rootkit

    A rootkit is a program or, more often, a collection of software tools that gives a threat actor remote access to and control over...

SearchHealthIT

  • value-based healthcare

    Value-based healthcare, also known as value-based care, is a payment model that rewards healthcare providers for providing ...

  • health informatics

    Health informatics is the practice of acquiring, studying and managing health data and applying medical concepts in conjunction ...

  • clinical trial

    A clinical trial, also known as a clinical research study, is a protocol to evaluate the effects and efficacy of experimental ...

SearchDisasterRecovery

  • crisis communication

    Crisis communication is a method of corresponding with people and organizations during a disruptive event to provide them with ...

  • Zerto

    Zerto is a storage software vendor that specializes in enterprise-class business continuity and disaster recovery in virtual and ...

  • crisis management plan (CMP)

    A crisis management plan (CMP) is a document that outlines the processes an organization will use to respond to a critical ...

SearchStorage

  • hard disk

    A hard disk is part of a unit -- often called a disk drive, hard drive or hard disk drive -- that stores and provides relatively ...

  • cache memory

    Cache memory, also called CPU memory, is high-speed static random access memory (SRAM) that a computer microprocessor can access ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close