What Museums Need to Know to Comply with the New General Data Protection Regulation (GDPR)

As of May 2018 the GDPR comes into effect. All companies, including the public sector, operating in the EU will follow the same set of data protection rules.

The General Data Protection Regulation (GDPR) gives citizens more control over their personal data and businesses will benefit from a level playing field. Museums, too, need to ensure that personal data is processed and stored in full compliance with the strict requirements of the GDPR.

Personal data includes everything that relates to an identified or identifiable living individual. Data storing and processing includes everything from a mailing list to posting a photo of someone online. All organisations are advised to ready themselves for the transition and make necessary changes. If data is not stored properly fines could be applied.

An one minute infographic about the GDPR can be found here.

This explanatory webinar on GDPR and Cultural Heritage Organisations, organised by M+H Advisor, gives a good overview of the do’s and don’ts that museums have to respect following the GDPR rules.