European Union Data Directive

GuidanceEuropean Union Data Directive (EUDD)Risk Management

European Union Data Directive

The 1995 European Union Directive on the Protection of Individuals With Regard to the Processing of Personal Data and on the Free Movement of Such Data became effective on October 25, 1998, and covers the processing of data within the EU and its transfer outside of the EU. The Directive requires EU member states to pass national privacy laws implementing the principles established in the Directive. While laws implementing the Directive vary somewhat from one member state to another, the general framework remains the same throughout the EU. Since the EU imposes sanctions on its members for not passing laws according to its Directive, 15 EU member states (except Ireland, Luxembourg and France) have implemented the Directive to date. Even the three exceptions have privacy legislation that requires compliance from companies doing business in these nations.

The EU Directive applies to all processing of personal information by any person or organization within the EU, both private and public. The Directive applies to all citizens and resident employees. It also covers data processing and/or transfer by entities owned or affiliated with United States companies that process data within the EU. Data can only be processed if certain processing principles are utilized.

> Read entire regulation (log in required - registration is free)