This slide deck created by the IAPP research team offers a customizable template for a report to organizational leadership to help Data Protection Officers show the activities of the data protection team as well as record compliance with the General Data Protection Regulation....

Last Updated: April 2021 Article 37(7) of the EU General Data Protection Regulation requires that “the controller or the processor shall publish the contact details of the data protection officer and communicate them to the supervisory authority.” But how does one go about communicating this info...

This textbook provides a comprehensive view of all aspects of the role of Data Protection Officers (DPOs) under the EU’s General Data Protection Regulation....

Published: April 2018 The following are a minimum set of provisions an outsourced DPO contract should have. It must be emphasized that no contract should be drafted without undergoing legal review, especially as it relates to provisions impacted by local laws. There will also be a set of legal pr...

(September 2017) – In this white paper overview, IAPP Legal Extern Carissa Hanratty, CIPP/US, explores some of the jurisdictions in which personal liability exists, with an appendix linking to the various legal texts....