Top 10 operational impacts of the GDPR

Editor's Note:

For more information, tools, guidance and links to texts of EU data protection laws, see the IAPP’s GDPR page.

The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2016, is set to replace the Data Protection Directive 95/46/EC. Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and processors once it comes into force in the spring of 2018. In this 10-part series, the IAPP Westin Research Center outlines specific provisions of the regulation.

Download the e-book comprising the following posts here. (PDF 1.2M)

Part 1: Cybersecurity and data breach notification obligations
By Rita Heimes, CIPP/US

Part 2: The mandatory data protection officer requirement
By Rita Heimes, CIPP/US

Part 3: Consent
By Gabriel Maldoff, CIPP/US

Part 4: Cross-border data transfers
By Anna Myers, CIPP/US

Part 5: Profiling
By Rita Heimes, CIPP/US

Part 6: RTBF and data portability
By Gabriel Maldoff, CIPP/US

Part 7: Vendor Management
By Anna Myers, CIPP/US

Part 8: Pseudonymization
By Gabriel Maldoff, CIPP/US

Part 9: Codes of conduct and certifications
By Rita Heimes, CIPP/US

Part 10: Consequences for GDPR violations
By Anna Myers, CIPP/US
