The General Data Protection Regulation (GDPR) introduces novel and comprehensive changes to the concept of consent for the processing of data. As you already know, you generally cannot process anyone’s data without their permission. That permission is called ‘consent’.
A study predicts that the GDPR will create the need for 28,000 DPOs in the EU and the US, and up to 75,000 worldwide. This astounding number reflects on the increasing importance of trained privacy personnel.
The General Data Protection Regulation introduces several important changes to the practice of profiling. Because it is so pervasive and necessary for modern processing operations, it pays to understand the potential effects of the GDPR.
The GDPR requires formal documentation of compliance to its provisions. This requirement is outlined in recitals, as well as in the Articles of the Regulation. Article 35 introduces the concept of impact assessments. In this article, we will dig deeper into the requirements and benefits of performing such assessments.
Proper keeping of records is essential for ensuring compliance with the GPDR. For most companies and organizations, it is mandatory as well. In some EU countries, this has already been made mandatory, but not in many others. In this article, we will provide an overview of your obligations and rules under the GDPR.
Like the Data Protection Directive, the GDPR also allows for Member States to restrict the rights of organizations for certain reasons by way of derogation. Let’s explore the significance of this and what we may expect in the future.
The General Data Protection Regulation and aims to harmonize and unify the privacy regulations in all EU countries. Special attention is paid to the so-called third countries. This article gives thorough overvew of the basic stipulations and requirements to watch out for when transferring data in and out of the single EU market.
What Constitutes Personal Data? The General Data Protection Regulation makes many mentions of personal data and outlines the strong measures the companies must use if they wish to process it. However, many companies, especially smaller businesses, have a hard time determining what constitutes personal data in the first place.
The role of a Data Protection Officer (DPO) is not a novelty for many European companies, since laws in certain EU countries already prescribe something similar to a DPO. However, the changes are significant for many other companies. To help you hire a right person, in this article we will outline several key skills a good DPO should have.