The General Data Protection Regulation (GDPR) is a unified data protection law that came into effect on May 25, 2018, in the EU, replacing the European Data Protection Directive 95/46/EC.
The law strengthens the protection of personal data belonging to EU individuals and gives them more control over the use of their personal data within the EU and internationally. GDPR aims to unify the regulatory environment for businesses handling the personal data of EU individuals.
GDPR applies to all businesses that process personal data for EU residents. Businesses can be defined as either a data controller or a data processor: a data controller collects and oversees the management of personal data, and data processor processes personal data on behalf of a data controller.
GDPR also expands the definition of “personal data” to include categories of information such as location data, online identifiers (such as an IP address), and other electronic metadata that was not included in previous data protection laws within the EU. Businesses that do not protect the personal data of EU individuals in accordance with GDPR rules are susceptible to significant fines.
Case Status’ Terms of Service explicitly acknowledge our role as a data processor for law firms. Case Status will continue to fulfill that role while providing tools and customer service to help law firms meet their responsibilities as data controllers.
Case Status’ industry-leading security measures protect data stored within and transmitted from the Case Status product. Case Status also provides advanced security features to ensure customers are properly equipped to protect any data stored within Case Status.
For general information on GDPR, please visit the Information Commissioner’s Office website.
Copyright © 2019 Case Status, Inc