New Privacy Regulation is Coming

The General Data Protection Regulation (GDPR), which formally takes effect May 25, will affect organizations worldwide, including The University of Alabama.

To the extent your unit collects, uses or retains personal data from persons in the EU (e.g., prospective students, students, scholars, research subjects, others), the requirements of this regulation may affect you, even if those individuals are not EU citizens.

Recruiting, hiring, online courses, marketing and research involving persons in the EU, in particular, may trigger the GDPR’s requirements. This would include data that is stored or processed on equipment or servers that are housed in the EU. It would also apply if you or anyone in your area travels to the EU.

The GDPR defines personal data very broadly. The term includes names, addresses, phone numbers, national IDs, IP addresses, profile pictures, personal health care data, educational data and any other data that can be used to identify an individual.

The University of Alabama currently is developing a GDPR compliance program. Representatives from across campus have convened a working group to establish priorities and develop compliance tools. Currently this group is working to:

  • Develop a risk-based GDPR compliance strategy.
  • Plan how UA will meet key GDPR compliance requirements.
  • Prepare the University to adequately respond to questions and requests related to GDPR.
  • Begin implementation of prioritized GDPR requirements.
  • Develop recommendations for an ongoing, sustainable GDPR compliance program.
  • Develop GDPR compliance resources for use by the University community, including privacy notices, consent documents, contract guidance and data mapping guidance.

If you or your area would like to be a part of this effort, contact Dr. Marcy Huey or email uacompliance@fa.ua.edu for inclusion.

Webinar Series

To help increase awareness of this regulation, UA is offering a webinar series throughout the summer, focusing on the GDPR requirements. Information can be found at the GDPR Webinar Series blog post. Check back for updates to topics and presentation information.