A clear, concise primer on the GDPR
The GDPR aims to unify data protection and ease the flow of personal data across the EU. It applies to every organisation in the world that handles EU residents' personal data.
While the GDPR is not law in countries outside the EU, it is effectively part of the legislative environment for organisations that do business with the EU. This is enforced through a combination of international trade law and business pressure - after all, a partner in the EU is unlikely to want to risk engaging with a company in the US, Australia or Singapore (or anywhere else) that will put them at risk.
EU GDPR - An international guide to compliance is the ideal resource for anyone wanting a clear primer on the principles of data protection and their obligations under the GDPR.
A concise pocket guide, it will help you understand:The terms and definitions used in the GDPR, including explanations;
The key requirements of the GDPR, including:
Which fines apply to which Articles;
The principles that should be applied to any collection and processing of personal data;
The Regulation's applicability;
Data subjects' rights;
Data protection impact assessments;
The data protection officer role and whether you need one;
Data breaches, and notifying supervisory authorities and data subjects; and
Obligations for international data transfers.
How to comply with the Regulation, including:
Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records);
The documentation you must maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data); and
The "appropriate technical and organisational measures" you need to take to ensure compliance with the Regulation.
A full index of the Regulation, enabling you to find relevant Articles quickly and easily.
Supplemental material
While most of the EU GDPR's requirements are broadly unchanged in the UK GDPR, the context is quite different and will have knock-on effects.¿You may need to update contracts regarding EU-UK data transfers, incorporate standard contractual clauses into existing agreements, and update your policies, processes and procedural documentation as a result of these changes.
We have published a supplement that sets out specific extra or amended information for this pocket guide. Click here to download the supplement.
Alan Calder¿is the Group CEO of GRC¿International Group¿PLC, the AIM-listed company that owns IT Governance¿Ltd.¿Alan is an acknowledged international cyber security guru, and a leading¿author on information security and IT governance issues. He has been¿involved in the development of a wide range of information security management¿training courses that have been¿accredited by IBITGQ (International Board¿for IT Governance Qualifications). Alan has consulted for clients¿across the globe and¿is a regular media commentator and speaker.