The EU General Data Protection Regulation provides individuals with a variety of rights to enforce against organizations that are processing their personal data. Specifically, data controllers have obligations regarding these rights, and processors must assist the controllers with the fulfillment of those obligations. But this is also an opportunity to improve customer relations, service delivery and reputation. Andrew Clearwater, CIPP/US, and Brian Philbrook, CIPP/E, CIPP/US, CIPM, CIPT, discuss considerations for organizations thinking about how best to operationalize such requirements.
If you want to comment on this post, you need to login.