Pace University and GDPR Compliance
Why does the GDPR affect staff, faculty, students, prospective students, and alumni?
When certain personal data is collected from an individual in the EU, the GDPR puts that individual in charge of his or her personal data, and allows the individual to exert greater control over the use, transfer, storage, and retention of that personal data. The GDPR will fundamentally affect any organization that collects, stores, processes or otherwise handles an individual’s personal data. The GDPR provides Pace University with an opportunity to further strengthen the way we protect people’s data and ensure that data privacy is central to what we do.
What happens if Pace University fails to comply with the GDPR?
Failing to comply can result in the imposition of monetary penalties.
As with most new laws, it is expected that the applicable regulators in the EU will issue additional guidance in the coming months. We encourage you to visit this website in the future for further information and continuing updates with respect to Pace University’s GDPR compliance efforts.
If you have any questions regarding the GDPR, please contact:
Stephen Brodsky, Pace University Counsel
What is the responsibility of Pace University?
The GDPR places significant new restrictions and responsibilities on Pace University including the responsibilities to:
- Build privacy into systems “by design and default”;
- Conduct regular data privacy impact assessments;
- Implement certain consent mechanisms (particularly when processing personal data pertaining to minors);
- Follow strict procedures for reporting data breaches; and
- Document the use of personal data in more detail.