This website uses cookies. View our cookie policy
United Kingdom
Select regional store:
EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Second Edition

EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Second Edition

SKU: 4852
Format: Softcover
ISBN13: 9781849289450
Pages: 400
Published: 31 Aug 2017
Availability: In Stock
Format: Adobe eBook
ISBN13: 9781849289467
Pages: 381
Published: 31 Aug 2017
Availability: Available
Format: Adobe ePub
ISBN13: 9781849289474
Pages: 381
Published: 31 Aug 2017
Availability: Available

The updated second edition of this must-have guide details what you need to do to comply with the GDPR. It covers:

  • The GDPR in terms you can understand;
  • The obligations of data controllers and processors;
  • What to do with international data transfers;
  • Data subjects’ rights and consent;
  • And much more.

What format do I need?

Price: £39.95


The updated second edition of the bestselling guide to the changes your organisation needs to make to comply with the EU GDPR.


“It’s practical approach to various aspects of the GDPR will be of value to DP practitioners in organisations of all sizes”

Laura Linkomies

Privacy Laws and Business Report, September 2017


The GDPR will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 (DPA) – in May 2018.

All organisations of any size and anywhere in the world that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover – whichever is greater.

This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.

Look inside this book here >>


Product overview

Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law. It explains the Regulation and sets out the obligations of data processors and controllers in terms you can understand.

Topics covered include:

  • The data protection officer (DPO) role, including whether you need one and what they should do;
  • Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct one;
  • Data subjects’ rights, including consent and the withdrawal of consent, subject access requests (SARs) and how to handle them, and data controllers and processors’ obligations;
  • International data transfers to ‘third countries’, including guidance on adequacy decisions and appropriate safeguards, the EU-US Privacy Shield, international organisations, limited transfers and Cloud providers;
  • How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance; and
  • A full index of the Regulation to help you find the articles and stipulations relevant to your organisation.

New in the second edition are:

  • Additional definitions;
  • Further guidance on the DPO role;
  • Greater clarification on data subjects’ rights;
  • Extra guidance on DPIAs;
  • More detailed information on SARs;
  • Clarification of consent and alternative lawful bases for processing personal data; and
  • An implementation FAQ appendix.

The GDPR will have a significant impact on organisations’ data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you what you need to do to comply with the new law.


A note on post-Brexit data protection programmes:

As Matt Hancock MP, minister of state for digital, said in his foreword to the Department for Digital, Culture, Media & Sport’s A New Data Protection Bill: Our Planned Reforms:

Bringing EU law into our domestic law will ensure that we help to prepare the UK for the future after we have left the EU. The EU General Data Protection Regulation (GDPR) [has] been developed to allow people to be sure they are in control of their personal information while continuing to allow businesses to develop innovative digital services without the chilling effect of over-regulation. Implementation will be done in a way that as far as possible preserves the concepts of the Data Protection Act to ensure that the transition for all is as smooth as possible, while complying with the GDPR [...] in full.


About the authors

IT Governance is a leading global provider of IT governance, risk management and compliance expertise. We pride ourselves on delivering a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.

Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, our understanding of the background and drivers for the GDPR, and the input of our fast-growing team of consultants and trainers are combined in this manual to provide the world’s first guide to implementing the new data protection regulation.




Fancy seeing your logo on this book?

IT Governance Publishing produces all of its titles in customisable formats that can be branded with your company logo. This is great for staff training and perfect for events or other marketing collateral.

Find out more >>

Customer Reviews

(2# of Ratings:)
0 people found this comment helpful
2 did not
Was this comment helpful?
The book is very good. It's really very helpful to understand the new regulation on data protection. Must be in the library of each GDPR applier. Thanks to the author!
0 people found this comment helpful
2 did not
Was this comment helpful?
Provides great advice through case studies and user-friendly diagrams and you’re able to understand the best approach for GDPR implementation and compliance. The ideas in this book and its analytical approach have inspired me, and I would recommend the book to anyone involved in General Data Protection Regulation (GDPR).
Showing comments 1-2 of 2