Skip to Main Content
United Kingdom
Select regional store:
Limited time offer! Get free access to 8 e-learning courses when you purchase any training course – hurry, offer ends 31 October!
EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Second Edition

EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Second Edition

SKU: 4852
Format: Softcover
ISBN13: 9781849289450
Pages: 400
Published: 31 Aug 2017
Availability: In Stock
Format: Adobe eBook
ISBN13: 9781849289467
Pages: 381
Published: 31 Aug 2017
Availability: Available
Format: Adobe ePub
ISBN13: 9781849289474
Pages: 381
Published: 31 Aug 2017
Availability: Available

Our bestselling guide is the ideal companion for anyone carrying out a GDPR (General Data Protection Regulation) compliance project. It provides comprehensive guidance and practical advice on complying with the GDPR, including:

  • The GDPR in terms you can understand;
  • The obligations of data controllers and processors;
  • What to do about international data transfers; and
  • Data subjects’ rights and consent.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on +44 (0)333 800 7000.

Price: £19.95
ex vat


Understand your GDPR obligations and prioritise the steps you need to take to comply

The GDPR gives individuals (data subjects) significant rights over how their personal information is collected and processed, and places a range of obligations on organisations to be more accountable for data protection.

The Regulation, which came into effect on 25 May 2018, applies to all data controllers and processors that handle EU residents’ personal information. It supersedes the 1995 EU Data Protection Directive and all EU member states’ national laws that are based on it – including the UK DPA (Data Protection Act) 1998.

Failure to comply with the Regulation could result in fines of up to €20 million or 4% of annual global turnover – whichever is greater.

This guide is a perfect companion for anyone managing a GDPR compliance project. It provides a detailed commentary on the Regulation, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.

Look inside this book here >>

Clear and comprehensive guidance to simplify your GDPR compliance project

Now in its second edition, EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide provides clear and comprehensive guidance to the GDPR. It explains the Regulation and sets out the obligations of data processors and controllers in terms you can understand.

Topics covered include:

  • The DPO (data protection officer) role, including whether you need one and what they should do;
  • Risk management and DPIAs (data protection impact assessments), including how, when and why to conduct one;
  • Data subjects’ rights, including consent and the withdrawal of consent, DSARs (data subject access requests) and how to handle them, and data controllers and processors’ obligations;
  • International data transfers to ‘third countries’, including guidance on adequacy decisions and appropriate safeguards, the EU-US Privacy Shield, international organisations, limited transfers and Cloud providers;
  • How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance; and
  • A full index of the Regulation to help you find the articles and stipulations relevant to your organisation.

New to the second edition:

  • Additional definitions;
  • Further guidance on the DPO role;
  • Greater clarification on data subjects’ rights;
  • Extra guidance on DPIAs;
  • More detailed information on DSARs;
  • Clarification of consent and alternative lawful bases for processing personal data; and
  • An implementation FAQ appendix. 

“Its practical approach to various aspects of the GDPR will be of value to DP practitioners in organisations of all sizes”

- Laura Linkomies, Privacy Laws and Business Report, September 2017

Brexit and the GDPR

UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The DPA 2018 enacts the Regulation’s requirements in UK law and, after Brexit, the government plans to combine the provisions of the EU GDPR with the ‘applied GDPR’ (Part 2, Chapter 3 of the DPA 2018) to form a data processing regime that will work in a UK context. This will be called the ‘UK GDPR’.

Learn more about the GDPR and how Brexit may affect data protection law in the UK >>

About the authors

IT Governance is a leading global provider of IT governance, risk management and compliance expertise. We pride ourselves on delivering a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.

Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, our understanding of the background and drivers for the GDPR, and the input of our fast-growing team of consultants and trainers are combined in this manual to provide the world’s first guide to implementing the new data protection regulation.

Customer Reviews

(5.00)stars out of 5
# of Ratings: 2
1. on 05/12/2017, said:
5 stars out of 5
The book is very good. It's really very helpful to understand the new regulation on data protection. Must be in the library of each GDPR applier. Thanks to the author!
2. on 05/12/2017, said:
5 stars out of 5
Provides great advice through case studies and user-friendly diagrams and you’re able to understand the best approach for GDPR implementation and compliance. The ideas in this book and its analytical approach have inspired me, and I would recommend the book to anyone involved in General Data Protection Regulation (GDPR).
Showing comments 1-2 of 2
This website uses cookies. View our cookie policy
Free e-learning