Author: Paul Voigt
Release Date: 2017-08-07
This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things.Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.
Author: Keith Markham
Release Date: 2018-01-25
Contains a succinct summary of the key changes being introduced by the GDPR and what needs to be done practically in response. Written in an accessible style with lots of useful resources. Suitable for lawyers and non-lawyers alike who seek to better understand this topic and to comply with their obligations in a common sense, risk focussed manner.
Author: Peter Carey
Release Date: 2018
Now in its fifth edition, this invaluable handbook provides a complete guide to the practical application of data protection law. It is fully updated and expanded to include coverage of significant developments in the practice of data protection, and takes account of new legislation as well as guidance published by the Information Commissioner since the last edition. The fifth edition includes coverage of the EU General Data Protection Regulation (GDPR); the implications of Brexit; new guidance from the Information Commissioner's office; coverage of new cases on several aspects of data protection compliance; the latest developments on electronic communications; new chapters on accountability and the role of the Data Protection Officer, and creating a compliance programme.
Author: ITGP Privacy Team
Publisher: IT Governance Ltd
Release Date: 2017-08-31
The updated second edition of the bestselling guide to the changes your organisation needs to make to comply with the EU GDPR. “The clear language of the guide and the extensive explanations, help to explain the many doubts that arise reading the articles of the Regulation.” Giuseppe G. Zorzino The EU General Data Protection Regulation (GDPR) will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 – in May 2018. All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover. This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties. Product overview Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law, explaining the Regulation, and setting out the obligations of data processors and controllers in terms you can understand. Topics covered include: The role of the data protection officer (DPO) – including whether you need one and what they should do.Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct a DPIA.Data subjects’ rights, including consent and the withdrawal of consent; subject access requests and how to handle them; and data controllers’ and processors’ obligations.International data transfers to “third countries” – including guidance on adequacy decisions and appropriate safeguards; the EU-US Privacy Shield; international organisations; limited transfers; and Cloud providers.How to adjust your data protection processes to transition to GDPR compliance, and the best way of demonstrating that compliance.A full index of the Regulation to help you find the articles and stipulations relevant to your organisation. New for the second edition: Additional definitions.Further guidance on the role of the DPO.Greater clarification on data subjects’ rights.Extra guidance on data protection impact assessments.More detailed information on subject access requests (SARs).Clarification of consent and the alternative lawful bases for processing personal data.New appendix: implementation FAQ. The GDPR will have a significant impact on organisational data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you exactly what you need to do to comply with the new law.
Privacy leaders in the European Union have spent years preparing their organizations for the implementation of the General Data Protection Regulation (GDPR). Effective May 25, 2018, Canadian businesses must comply with the new regulations to do business with EU companies.Whether or not your organization is impacted by the new regulation, the GDPR has set the new gold-standard for data privacy-one worth understanding as the world of data protection continues to evolve and the consequences for non-compliance are heightened.This four-part webinar series (Nov 8, Nov 28, January 22 and March 26) will uncover the key questions and considerations for Canadian businesses as it relates to the impact and adaption of GDPR in Canada. These discussions will look beyond current GDPR standards to examine the future of privacy legislation and how organizations can equip themselves to adhere to a higher standard of data use and protection.
Since the Snowden revelations, the adoption in May 2016 of the General Data Protection Regulation and several ground-breaking judgments of the Court of Justice of the European Union, data protection and privacy are high on the agenda of policymakers, industries and the legal research community. Against this backdrop, Data Protection and Privacy under Pressure sheds light on key developments where individuals’ rights to data protection and privacy are at stake. The book discusses the persistent transatlantic tensions around various EU-US data transfer mechanisms and EU jurisdiction claims over non-EU-based companies, both sparked by milestone court cases. Additionally, it scrutinises the expanding control or surveillance mechanisms and interconnection of databases in the areas of migration control, internal security and law enforcement, and oversight thereon. Finally, it explores current and future legal challenges related to big data and automated decision-making in the contexts of policing, pharmaceutics and advertising.
This book constitutes the refereed conference proceedings of the 7th Annual Privacy Forum, APF 2019, held in Rome, Italy, in June 2019. The 11 revised full papers were carefully reviewed and selected from 49 submissions. The papers present original work on the themes of data protection and privacy and their repercussions on technology, business, government, law, society, policy and law enforcement bridging the gap between research, business models, and policy. They are organized in topical sections on transparency, users' rights, risk assessment, and applications.
Whether you are an entrepreneur or a part of a large enterprise, getting digital right today is critical. But how do you create or maintain policies that empower employees, comply with regulations - such as GDPR and CCPA - reduce social media gaffes and, simultaneously, unlock opportunity? This handbook helps you to unleash the Power of Digital Policy with field-tested, actionable guidance to minimize risk and maximize opportunity. Sound digital policies help to manage issues like financial risk from data breaches, but they can also streamline operations, reduce redundant content and produce value. Whether you are in marketing, legal, finance, IT or HR, the worst thing to do is to watch from the sidelines. Regardless of the industry or your company's size or stage of policy maturity, this step-by-step roadmap meets you where you are and helps to take your organization where it needs to be.
Author: Gwen Kennedy
Publisher: R. R. Bowker
Release Date: 2019-05-23
A detailed look at the General Data Protection Regulation (GDPR). Understand how to comply. Learn Quick Tips providing answers to your data privacy questions. Learn how to engage a data privacy officer, conduct direct marketing campaigns, create compliance documentation, choose a legal basis for collecting personal information, respond to data subject requests. Avoid costly fines and penalties by ensuring your company's activities comply. Learn about Data Privacy Impact Assessments, data mapping and data subject requests. Answers questions about obtaining consent, processing and retaining personal information. Do your company's direct marketing campaigns conflict with the GDPR? Learn how to create a data privacy compliance program. Included is a survey of all EU member states data privacy laws.
Author: Association of Test Publishers
Publisher: Createspace Independent Publishing Platform
Release Date: 2017-12-18
This publication provides an overview of the EU General Data Protection Regulation ("GDPR") and its requirements for protecting the personal data and privacy of individuals located in the European Union. This book describes some likely practical effects on developing, delivering, and processing tests and assessments for use in the EU, and offers guidance on best practices for compliance with the GDPR so as to avoid possible violations and potential penalties.The GDPR applies to all organizations that obtain, handle, process, store, or otherwise deal with or have control over the personal data of EU residents via automated methods, as well as where such data is part of a hardcopy filing system. As appropriate, this Guide suggests examples of how existing procedures or processes may be at risk for leading to violations and best practices for mitigating those risks.
Author: Paul Lambert
Publisher: Bloomsbury Publishing
Release Date: 2016-01-01
Genre: Data protection
A User's Guide to Data Protection, 2nd edition covers all the compliance issues that organisations need to be aware of in order to successfully comply with the UK data protection rules and regulations, along with a full assessment of the EU Data Protection Regulations and their impact on UK practice. Since the previous edition there have been a number of significant developments such as: -The new UK and EU data protection regime -New requirements of the General Data Protection Regulation (GDPR) -New rights, principles and definition -Increasing uses, data collections and business models surrounding personal data -New technologies -Enhanced rights and obligations -Significant fines as a percentage of worldwide turnover -Significant case law including: Google Spain 'Right to be Forgotten' case; Schrems EU-US Safe Harbour; DRI; Vidal-Hall; Tamiz; Mosley; Weltimmo; Barbulescu; Snowden issues; etc -Increasing litigation and cases regarding data protection and damages -Classes actions and representative bodies -Increasing levels of fines from the ICO and in an increasing variety of breach circumstances with directors as well as companies being fined by ICO -Individuals, including private investigators, being prosecuted for DP offences -Advertising and marketing -The new tools of compliance and risk reduction, risk assessments, consultations, codes of conduct, certification, -Data breaches and data loss -Security and reactions to data breach -Employee monitoring -Apps -Data portability -Right to be Forgotten -Notification of security breaches -Privacy by Design/Data Protection by Design (PbD/DPbD) A User's Guide to Data Protection, 2nd edition, is a practical and comprehensive analysis of current law and procedure which is presented in a clear and accessible reference style. Table of Contents Part 1: How to Comply Part 2: Inward Facing Data Protection Part 3: Outward Facing Data Protection Part 4: The New GDPR Regime Part 5: Particular Issues (Series: A User's Guide to.) [Subject: Data Protection, Copyright Law, Patent Law]
Privacy leaders in the European Union have spent years preparing their organizations for the implementation of the General Data Protection Regulation (GDPR). Effective May 25, 2018, Canadian businesses must comply with the new regulations to do business with EU companies. Whether or not your organization is impacted by the new regulation, the GDPR has set the new gold-standard for data privacy - one worth understanding as the world of data protection continues to evolve and the consequences for non-compliance are heightened. This four-part webinar series will uncover the key questions and considerations for Canadian businesses as it relates to the impact and adaption of GDPR in Canada. These discussions will look beyond current GDPR standards to examine the future of privacy legislation and how organizations can equip themselves to adhere to a higher standard of data use and protection. This webinar is the second in a series of 4. The first webinar is What You Need to Know About the GDPR: A Practical Guide for Professionals the third webinar is Tips for an Effective GDPR Governance Structure and Model. The final webinar on March 26 is Shifting Expectations: A Reflection on Canada's Current Regulatory Landscape and Where it May Go. Each webinar is available to purchase for
Author: Damien Welfare
Publisher: Bloomsbury Professional
Release Date: 2018-03-15
Genre: Data protection
Cornerstone on Information Law is aimed at data protection officers and practitioners in Freedom of Information ('FOI')/environmental information; and also at lawyers, who may oversee their work but who are likely to have general rather than specialist knowledge in this area. FOI/environmental information practitioners are to be found in small teams in most public authorities (eg local and central government, quangos, universities, regulatory bodies). They handle information requests from the public under the Freedom of Information Act 2000 and the Environmental Information Regulations 2004. They have to judge when to disclose and to identify when exemptions are available. They are growing in number and status. Data protection officers exist in all major organisations across both the public and private sectors. Large organisations manage massive amounts of personal data, about their customers and users, their competitors, or their employees; and even medium-sized companies and bodies have to deal with data protection rules. Data protection officers advise their organisations on the handling of "subject access requests" from individuals to see their personal data, and on internal data management issues such as security and length of retention. They too are growing in number, and will acquire statutory status and an enhanced role within their organisations when the new Data Protection Regulation (which is nearing agreement in the EU) is implemented in the next 2-3 years. A new EU data protection framework is due to come into effect on 25 May 2018. It takes the form of a Regulation - the General Data Protection Regulation (GDPR). The GDPR will replace the current Directive and will be directly applicable in all Member States without the need for implementing national legislation. Whilst it does not apply until 25 May 2018 it contains some onerous obligations, many of which will take time to prepare for as it will have an immediate impact. Cornerstone on Information Law a practical guide focussed on data protection law, freedom of information and environmental information regulations, being one of the first books to take account of the GDPR. It provides practical advice to local authorities and small businesses to assist them with getting ready for the new framework going live.
Author: Mariusz Krzysztofek
Publisher: Kluwer Law International B.V.
Release Date: 2018-11-01
Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) of 2016. This book on this major data protection reform offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers and rights of data subjects. This is the core of the personal data protection regime. GDPR is applicable directly in all Member States, providing for a unification of data protection rules within the EU. However, it poses a problem in enabling international trade and data transfers outside the EU between economies which have different data protection models in place. Among the broad spectrum of aspects of the subject covered are the following: – summary of the changes introduced by the GDPR; – new territorial scope; – key principles of personal data processing; – legal bases for the processing of personal data; – marketing, cookies and profiling; – new information clauses; – new Subject Access Requests (SARs), including the ‘right to be forgotten’ on the Internet, the right to data portability and the right to object to profiling; – new data protection by design and by default; – benefits from implementing a data protection certificate; and – data transfers outside the EU, including BCRs, SCCs and special features of EU–US arrangements. This book references many rulings of European courts, as well as interpretations and guidelines formulated by European data protection authorities, examples and best practices, making it of great practical value to lawyers and business leaders. Because of the increase in legal certainty in this area guaranteed by the GDPR, multinational corporations and their customers and contractors will benefit enormously from consulting and using this book. For practitioners and academics, researching or advising clients on this area, and government policy advisors, this book provides an indispensable source of guidance and information for many years to come.