The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). GDPR came into effect across the EU on May 25, 2018 and has implications for IACET providers doing business in EU.
For continuing education and training providers maintaining IACET accreditation, it is important to note the following regarding GDPR. Compliance with GDPR will not affect IACET application status. Any policy or process regarding record retention that may be affected by the GDPR will be considered by the IACET reviewers during the review process. IACET’s accreditation review process is intended to be administered in harmony with a jurisdiction’s laws and policies. It is the provider’s responsibility to maintain the records according to the process that the provider develops for IACET compliance. For accredited providers in good standing, the new GDPR requirements should not conflict with their ability to comply with the ANSI/IACET 1-2018 Standard for Continuing Education and Training. For questions about IACET and GDPR compliance contact Accreditation@iacet.org.