GDPR - Home
If your area is working with European persons, or with data for European Persons, please email privacy@unm.edu so that UNM’s GDPR working group can assist you in complying with our obligations under the GDPR.
What is the GDPR?
- The General Data Protection Regulation (GDPR is a European privacy law that protects the personal data (also known as Personally Identifiable Information (PII))) of EU persons.
- GDPR defines personal data more broadly than in the U.S. Personal data includes, but is not limited to identifiers such as:
- Name, Location Data, IP Addresses, Biometric Data, Health Information
- GDPR also describes special categories of personal data (data that is very sensitive) including, but not limited to:
- Trade union membership, ethnicity
- GDPR gives EU natural persons significant specific rights over how their personal data is collected, processed, and shared.
- GDPR became enforceable on all entities that the process personal data of EU persons on May 25, 2018. GDPR applies to U.S. organizations.
- Non-compliance could result in judicial remedies, administrative penalties, and loss of revenue-generating or academic collaborations.
How is UNM preparing for GDPR?
UNM formed a GDPR team to addresses campus-wide GDPR compliance. The team consists of members of the Office of the President, Provost Office, Office of University Counsel, Office of the Vice President for Research, UNM Information Technologies, Enrollment Management, Human Resources, Institutional Support Services, Information Security & Privacy. The GDPR team is working with areas that process EU person data to assist them in their GDPR compliance activities.
GDPR Resources:
Video- OpenText: Top 5 things to consider for your GDPR preparation
Educause Review: The General Data Protection Regulation Explained
