A concise introduction to the EU GDPR
The EU General Data Protection Regulation (GDPR) will unify data
protection and simplify the use of personal data across the EU from 25
May 2018, when it will automatically supersede member states' domestic
data protection laws.
It will also apply to every organisation in the world that processes
personal information of EU residents.
The Regulation introduces a number of key changes for all organisations
that process EU residents' personal data.
EU GDPR: A Pocket Guide provides an essential introduction to this new
data protection law, explaining the Regulation and setting out the
compliance obligations for EU organisations.
Product overview
EU GDPR - A Pocket Guide sets out:
- A brief history of data protection and national data protection laws
in the EU (such as the German BDSG, French LIL and UK DPA).
- The terms and definitions used in the GDPR, including explanations.
- The key requirements of the GDPR, including:
- Which fines apply to which Articles;
- The six principles that should be applied to any collection and
processing of personal data;
- The Regulation's applicability;
- Data subjects' rights;
- Data protection impact assessments (DPIAs);
- The role of the data protection officer (DPO) and whether you need
one;
- Data breaches, and the notification of supervisory authorities and
data subjects;
- Obligations for international data transfers.
- How to comply with the Regulation, including:
- Understanding your data, and where and how it is used (e.g. Cloud
suppliers, physical records);
- The documentation you need to maintain (such as statements of the
information you collect and process, records of data subject
consent, processes for protecting personal data);
- The "appropriate technical and organisational measures" you need to
take to ensure your compliance with the Regulation.
- A full index of the Regulation, enabling you to find relevant Articles
quickly and easily.
About the author
Alan Calder, the founder and executive chairman of IT Governance Ltd, is
an internationally acknowledged cyber security expert, and a leading
author on information security and IT governance issues. He co-wrote the
definitive compliance guide IT Governance: An International Guide to
Data Security and ISO27001/ISO27002, which is the basis for the Open
University's postgraduate course on information security, and has been
involved in the development of a wide range of information security
management training courses that have been accredited by the
International Board for IT Governance Qualifications (IBITGQ). Alan has
consulted on data security for numerous clients in the UK and abroad,
and is a regular media commentator and speaker.
Quickly understand your new obligations under the EU GDPR, and learn
what steps you need to take to avoid costly fines.