The GDPR is the largest change in data protection law since the introduction of the EU Data Protection Initiative in 1995. The aims of the GDPR are simple; improve the security and protection of personal data. The new regulations replace the previous Data Protection Directive and ExpenseIn welcomes this change. Protecting our customer’s data is of the utmost importance to us and ensuring our compliance with the GDPR has been our number one priority.

The GDPR brings a number of significant changes to the previous Data Protection Initiative including, but not limited to, increased territorial scope, stricter penalties for failing to meet the requirements and stronger conditions for consent. In addition, the rights of data subjects have been substantially improved and as a result now have the right to access data, request data be removed and that they be notified within 72 hours of a known data breach.