Top 10 operational responses to the GDPR

Published: March 2018Click To View (PDF)

In 2016, the Westin Research Center published a series of articles identifying our analysis of the top 10 operational impacts of the EU General Data Protection Regulation. Now, with the May 25, 2018, GDPR-implementation deadline looming, the IAPP is releasing a companion series to present common practical organizational responses that our members report undertaking in anticipation of GDPR implementation.

  • Part 1: Data inventory and mapping
  • Part 2: Lawful bases for processing
  • Part 3: Build and maintain a data governance system
  • Part 4: Data protection impact assessments and data protection by default and by design
  • Part 5: Preparing and implementing data-retention and record-keeping policies and systems
  • Part 6: Transparency and privacy notices
  • Part 7: Accommodating data subjects’ rights
  • Part 8: Data breach and the GDPR
  • Part 9: Vetting and contracting with processors
  • Part 10: Communicating with supervisory authorities