Irvington, Virginia – August 25, 2017 – The Tambellini Group, the world’s leading independent research and advisory firm dedicated exclusively to higher education, today announced the release of its newest research report, The European General Data Protection Regulation (GDPR) and Higher Education Institutions.
The new European data protection law comes into effect in all 28 European Union (EU) countries on May 28, 2018, but also impacts U.S. higher education institutions in terms of any processing of personal data of students travelling to the EU, students being recruited and accepted into programs from the EU, and employees or self-employed contractors (including academic staff) travelling to and from the EU. It also applies to academic research that includes the processing of personal data and is conducted in the EU or contains personal data that belongs to EU citizens. Breach of compliance may result in fines of up to €20 million or 4 percent of annual global turnover, whichever is higher.
The purpose of this report is to assist U.S. higher education institutions in identifying the steps they need to take to comply with the law. The report gives an overview of the types of activities by a U.S. entity that would be regulated by the law, and the conditions that apply to the overseas transfer of personal data from the EU to the U.S. It covers the general provisions, such as the definition of personal data, the requirement for a specific legal ground for processing, and the data processing principles.
David Sherry, Chief Information Security Officer, Princeton University, commented “This analysis of the GDPR is the most comprehensive guide I’ve found to help direct U.S. colleges and universities through these highly complex regulations. It not only explains the rules, but also provides specific guidance on how to comply.”
The lead researcher and author of the report is Ann Kristin Glenster, an acknowledged global legal authority specializing in data privacy. Glenster is a PhD candidate at the Faculty of Law, University of Cambridge, and previously taught data protection at the University of Cambridge and currently teaches cybersecurity at Brown University. She is deeply involved with the GDPR’s implications, and acts as a private consultant on issues related to GDPR and data protection.
Katelyn Ilkani, co-author of the report, is responsible for guiding and directing The Tambellini Group’s Cybersecurity Research Practice. She is an innovator in education and cybersecurity, and provides strategic guidance to higher education executives.
“Protection of personal data is becoming a paramount concern for higher education,” said Chad Tracy, Director of Information Security, Colby College. “This report is a must-have resource to help refine cybersecurity priorities to protect all of the institution’s constituents.”
The report is available to members of The Tambellini Group through the Peertelligent® service for higher education institutions or the Tambellini Market Insights℠ service for education technology vendors. See Tambellini GDPR Report for details.
About The Tambellini Group
The Tambellini Group (TTG) is the only independent research and analyst firm dedicated exclusively to higher education. With a database of the technology selections of more than 18,900 global institutions, and with a team of analysts and researchers who have decades of higher education expertise, TTG offers unbiased analysis and objective insight on education technology and market trends with verifiable data. TTG helps higher education executives, business leaders, and the investment community make fact-based technology decisions to achieve their key strategic goals. Founded in 2001, TTG is a woman-owned business headquartered in Irvington, Virginia. www.thetambellinigroup.com, telephone (804) 438-9393.
Mary McDaniel, Chief Marketing Officer
The Tambellini Group