Issue link: https://read.uberflip.com/i/1191854
Amazon Web Services Navigating GDPR Compliance on AWS 1 General Data Protection Regulation Overview The General Data Protection Regulation (GDPR) is a European privacy law1 (Regulation 2016/679 of the European Parliament and of the Council of April 27, 20162) that became enforceable on May 25, 2018. The GDPR replaces the EU Data Protection Directive (Directive 95/46/EC), and is intended to harmonize data protection laws throughout the European Union (EU) by applying a single data protection law that is binding throughout each EU member state. The GDPR applies to all processing of personal data either by organizations that have an establishment in the EU, or to organizations that process personal data of EU residents when offering goods or services to individuals in the EU or monitoring the behavior of EU residents in the EU. Personal data is any information relating to an identified or identifiable natural person. Changes the GDPR Introduces to Organizations Operating in the EU The GDPR tries to create consistency across EU member states for how personal data can be processed, used, and exchanged securely. Organizations must demonstrate the security of the data they are processing and their compliance with the GDPR on a continual basis, by implementing and regularly reviewing technical and organizational measures, as well as compliance policies applicable to the processing of personal data. EU supervisory authorities can issue fines of up to EUR 20 million, or 4% of annual worldwide turnover, whichever is higher, for a breach of the GDPR. AWS Preparation for the GDPR AWS Compliance and Security experts work with customers across the world to answer their questions and help them run workloads in the cloud under the GDPR. These teams also review the responsibilities of AWS against the requirements of the GDPR. We can confirm that all AWS services can be used in compliance with the GDPR.