About the GDPR

The General Data Protection Regulation (GDPR) affects organizations worldwide, including universities.


  • Replaces the Data Protection Directive 95/46/ec as the primary law regulating how companies and organizations protect the personal data of European Union (EU) residents.
  • Expands personal privacy rights for EU residents and also affects non-EU citizens located in the EU.
  • Mandates a baseline set of standards for organizations that handle certain personal and other data of individuals located in the EU to better safeguard the processing and movement of that data.
  • Applies to institutions with no physical EU presence if they control or process covered information (irrespective of whether the subject individuals are EU citizens).
  • Calls for fines of up to 4% of annual global turnover, or 20 million euros, whichever is more, for violations of the regulation.

GDPR Compliance at UNCG

The Privacy Compliance Working group is a cross-departmental compliance working group, composed of individuals from information technology, legal, and compliance, among others, to lead UNCG’s review and implementation efforts.

The program is managed by the Chief Information Security Officer and the Office of the General Counsel and supported by a group of representatives from across the university.

GDPR Assessment

The Privacy Compliance Working Group has created an Initial GDPR Assessment to help you figure out if the GDPR applies to your data.

Contact Us

Direct questions or concerns to [INSERT EMAIL].