This 10-part series explores the major issues with which organizations will have to grapple as they bring themselves into compliance with the GDPR.
Published: December 2016
Contributors:
Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and processors once it comes into force.
With new obligations on such matters as data subject consent, data anonymization, breach notification, cross-border data transfers, and appointment of data protection officers, to name a few, the GDPR requires companies handling EU citizens’ data to undertake major operational reform.
This 10-part series explores the major issues with which organizations will have to grapple as they bring themselves into compliance with the world’s most impactful privacy law.
- Part One: Cybersecurity and data breach notification obligations
- Part Two: The mandatory data protection officer requirement
- Part Three: Consent
- Part Four: Cross-border data transfers
- Part Five: Profiling
- Part Six: RTBF and data portability
- Part Seven: Vendor management
- Part Eight: Pseudonymization
- Part Nine: Codes of conduct and certifications
- Part Ten: Consequences for GDPR violations