What is GDPR Right to Data Portability?

The General Data Protection Regulation will come into effect in all EU states in late May. Among its clauses is the right to data portability.

This allows individuals to acquire and use their own personal data for whatever purposes they deem expedient and in any situation where it seems fitting.

Moreover these individuals are free to transfer, duplicate or physically move their personal data file among IT environments without being impeded or having their security of information breached.

Many businesses and enterprises offer data portability services. Through them, data file owners can see their file, access it, and download it to their personal computer or handheld device in a means that is safe and secure.

They are free to use the information contained in their personal data file to seek employment, apply for a promotion or a new position or even to study their habits with an eye to improvement.

In the banking industry, for example, a client may request his personal data file to investigate his spending habits and improve his investing.

 When Does the Right to Data Portability Apply?

The individual has a right to data portability whenever he/she applies for it. The moving of personal data must be formally requested in writing. The movement of the file must occur electronically.

How Must Organisations Comply?

If a formal request is made by an EU citizen, the institution, business, or individual that has the personal data file must comply.

The data file must be readable by a machine—i.e., structured so that software is able to pull out the basic data. The organization holding this information must ascertain that the request is legitimate. The file must contain only the requesting individual’s data. Portability is provided at no cost to the data owner.

How Soon Must the Business Comply?

Portability must occur no later than a month from the time of the request.