Free tools and resources for Data Protection Officers!

Tag Archives for " GDPR "

FINLAND: Preparing to implement the GDPR

The EU General Data Protection Regulation (GDPR) entered into force on 24 May 2016 and EU Member States are required to implement the Regulation from 25 May 2018. While the Regulation will be binding in its entirety and directly applicable in all Member States, there is a margin of maneuverability for Member States to specify their own rules or to restrict them via national legislation.

Source: FINLAND: Preparing to implement the GDPR

Germany is first EU Country to enact new Data Protection Act to align with the GDPR

On 5 July 2017, almost a year before the General Data Protection Regulation (GDPR) will be applied, the new German Federal Data Protection Act (‘Bundesdatenschutzgesetz’) passed the final stage of the legislative process, the so-called German Data Protection Amendment Act. It has been countersigned by the German Federal President and published in the Federal Law Gazette.

Source: Germany is the first EU Member State to enact new Data Protection Act to align with the GDPR

The case for data-driven GDPR compliance

As we near the May 25, 2018, GDPR enforcement date, companies will promise solutions to meet the GDPR’s detailed and intricate requirements, but only a handful will believe it will never be feasible to deliver on the spirit or letter of the regulation without taking a data-driven approach to compliance.

Source: The case for data-driven GDPR compliance

Belgian DPA publishes recommendation on GDPR record keeping obligation

Belgian Data Protection Authority has published a recommendation on the records of processing activities. It aims to assist controllers and processors in putting in place the records of processing activities as required by article 30 of the GDPR.

Source: Belgian DPA publishes recommendation on GDPR record keeping obligation – Privacy, Security and Information Law Fieldfisher

Data protection in Africa: where do we stand one year before GDPR

Albeit essentially a European statute, the new General Data Protection Regulation (GDPR), which will be applicable as of May, 25th 2018, is expected to have much impact in African countries, as its scope will also cover many data controllers and processors established outside of the European Union – namely, all those who process data of individuals located within the EU as part of the selling of goods and services to such individuals or the monitoring thereof.

Source: Data protection in Africa: where do we stand one year before GDPR

ICO publishes International Strategy to help protect UK public’s personal information in a global environment

The ICO has published its first ever International Strategy to help it meet overseas data protection challenges including increased globalism, changing technology, GDPR and Brexit.

Source: ICO publishes International Strategy to help protect UK public’s personal information in a global environment | ICO

Compensation for Breach of the General Data Protection Regulation

This paper looks at Article 82(1) of the General Data Protection Regulation (GDPR) providing data subjects with rights to compensation for infringement of their rights under GDPR, and compares it with compensation provisions in other EU Regulations and Directives and with the caselaw of the CJEU on those provisions.

Source: Compensation for Breach of the General Data Protection Regulation by Eoin O’Dell :: SSRN

Could Canada lose its adequacy standing?

The world has changed a lot since the European Commission gave Canada its “adequacy” standing in 2001, determining the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA, properly protects personal data transferred from the EU to Canada.

Source: Could Canada lose its adequacy standing?

>