The international information security experts IT Governance have added a new title to their catalogue: EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide.
The EU General Data Protection Regulation (GDPR) introduces a number of changes that will affect every organisation in the world that processes EU residents’ personal data – even organisations that aren’t based in the EU.
The Regulation came into force in April 2016, and will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 – in May 2018. Failure to comply by this date could cost organisations up to €20 million or 4% of annual global turnover in fines.
Clear and comprehensive guidance
EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide that explains this new data protection law and sets out the obligations of data processors and controllers in clear terms.
Topics covered include:
The role of the data protection officer (DPO) – including whether you need one and what they should do.
Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct a DPIA.
Data subjects’ rights, including consent and the withdrawal of consent; subject access requests and how to handle them; and data controllers’ and processors’ obligations.
International data transfers to “third countries” – including guidance on adequacy decisions and appropriate safeguards; the EU-US Privacy Shield; international organisations; limited transfers; and Cloud providers.
How to adjust your data protection processes for GDPR compliance, and the best way of demonstrating that compliance.
Alan Calder, the founder and executive chairman of IT Governance, said: “The GDPR represents a massive shift in data protection legislation, and requires substantial changes of all organisations that process EU residents’ personal data. With only 18 months until the Regulation is enforced, it is imperative that organisations act now to ensure their compliance. This manual explains exactly what they need to do in order to avoid massive fines.”
EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide is available from IT Governance in softcover, Adobe eBook and ePub formats: