A clear, concise primer on the GDPR
The GDPR aims to unify data protection and ease the flow of personal
data across the EU. It applies to every organisation in the world that
handles EU residents' personal data.
While the GDPR is not law in countries outside the EU, it is effectively
part of the legislative environment for organisations that do business
with the EU. This is enforced through a combination of international
trade law and business pressure - after all, a partner in the EU is
unlikely to want to risk engaging with a company in the US, Australia or
Singapore (or anywhere else) that will put them at risk.
EU GDPR - An international guide to compliance is the ideal resource
for anyone wanting a clear primer on the principles of data protection
and their obligations under the GDPR.
A concise pocket guide, it will help you understand:
- The terms and definitions used in the GDPR, including
explanations;
- The key requirements of the GDPR, including:
- Which fines apply to which Articles;
- The principles that should be applied to any collection and processing
of personal data;
- The Regulation's applicability;
- Data subjects' rights;
- Data protection impact assessments;
- The data protection officer role and whether you need one;
- Data breaches, and notifying supervisory authorities and data
subjects; and
- Obligations for international data transfers.
- How to comply with the Regulation, including:
- Understanding your data, and where and how it is used (e.g. Cloud
suppliers, physical records);
- The documentation you must maintain (such as statements of the
information you collect and process, records of data subject consent,
processes for protecting personal data); and
- The "appropriate technical and organisational measures" you need to
take to ensure compliance with the Regulation.
- A full index of the Regulation, enabling you to find relevant
Articles quickly and easily.
Supplemental material
While most of the EU GDPR's requirements are broadly unchanged in the UK
GDPR, the context is quite different and will have knock-on effects. You
may need to update contracts regarding EU-UK data transfers, incorporate
standard contractual clauses into existing agreements, and update your
policies, processes and procedural documentation as a result of these
changes.
We have published a supplement that sets out specific extra or amended
information for this pocket guide. Click here to download the
supplement.
