Browse Definitions :
Definition

EU Data Protection Directive (Directive 95/46/EC)

EU Data Protection Directive (also known as Directive 95/46/EC) is a regulation adopted by the European Union to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using or exchanging such data.

The EU Data Protection Directive is based on recommendations first proposed by the Organisation for Economic Co-operation and Development's (OECD). These recommendations are founded on seven principles:

  • Subjects whose data is being collected should be given notice of such collection.
  • Subjects whose personal data is being collected should be informed as to the party or parties collecting such data.
  • Once collected, personal data should be kept safe and secure from potential abuse, theft, or loss.
  • Personal data should not be disclosed or shared with third parties without consent from its subject(s).
  • Subjects should granted access to their personal data and allowed to correct any inaccuracies.
  • Data collected should be used only for stated purpose(s) and for no other purposes.
  • Subjects should be able to hold personal data collectors accountable for adhering to all seven of these principles.

The Data Protection Directive is superseded by the General Data Protection Regulation (GDPR), which was adopted by the European Parliament and European Council in April 2016 and will become enforceable in May 2018. The new regulation expands upon previous requirements for collecting, storing and sharing personal data and requires the subject's consent to be given explicitly and not checked off by default. 

This was last updated in January 2008

Continue Reading About EU Data Protection Directive (Directive 95/46/EC)

Join the conversation

2 comments

Send me notifications when other members comment.

Please create a username to comment.

Why did the EU take so long to update data protection laws when the world has changed so much?
Cancel
European laws have no bearing on US law. This is being promoted by security companies to generate revenue for new services and products. The only companies that can be penalized for failure to comply are companies with a global footprint in Europe or companies that exist in Europe.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

SearchSecurity

  • certificate authority (CA)

    A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically...

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • advanced persistent threat (APT)

    An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and ...

SearchHealthIT

  • Cerner Corp.

    Cerner Corp. is a public company in North Kansas City, Mo., that provides various health information technologies, ranging from ...

  • clinical decision support system (CDSS)

    A clinical decision support system (CDSS) is an application that analyzes data to help healthcare providers make decisions and ...

  • Health IT (health information technology)

    Health IT (health information technology) is the area of IT involving the design, development, creation, use and maintenance of ...

SearchDisasterRecovery

  • tabletop exercise (TTX)

    A tabletop exercise (TTX) is a disaster preparedness activity that takes participants through the process of dealing with a ...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

  • ransomware recovery

    Ransomware recovery is the process of resuming options following a cyberattack that demands payment in exchange for unlocking ...

SearchStorage

  • SSD (solid-state drive)

    An SSD (solid-state drive) is a type of nonvolatile storage media that stores persistent data on solid-state flash memory.

  • file system

    In a computer, a file system -- sometimes written filesystem -- is the way in which files are named and where they are placed ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close