Frequently Asked Questions (GDPR)

What is the GDPR?

GDPR (General Data Protection Regulation) is a sweeping regulation passed by the EU Parliament on April 14, 2016.  It has an enforcement date of May 25, 2018. 

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

What do I need to do?

As organizations prepare for enforcement, they need to understand within their supply chain or associated companies if they are prepared for the regulation.  A supplier will be subject to GDPR if they are a data controller or data processor, and have access to PII information on an EEA/EU citizen. As part of due diligence, customers will want to verify with their suppliers whether they are ready for GDPR.  

What does the GDPR Module cover?

GDPR is a complex regulation with many components.  In order to assess readiness, customers need to have knowledge of the regulation, as well as understanding of the right questions to ask.

Assent has created a survey that covers the main components of GDPR as well as creates a risk assessment to classify suppliers knowledge and readiness for GDPR.

Where can I find out more?

For more information, please visit the official GDPR FAQ page here:

Have more questions? Submit a request