Happy New Year! With 2018 off to a rapid start, companies now have fewer than five months to become GDPR-compliant.
Although the basic principles and obligations enshrined in the GDPR are not new, the GDPR contains a complex, interlinked series of requirements whose practical application to real world situations is often very unclear. The Article 29 Working Party, a body consisting of EU national data protection authorities, has issued several important opinions and guidelines intended to help data controllers and processors interpret the new rules. These guidelines, while not legally binding, are influential and are likely to be given considerable weight by reviewing courts.
We have provided the links to the most important publications below for ease of reference:
- Draft Guidelines on Consent under Regulation 2016/679 (consultation closes on 23 January 2018)
- Draft Guidelines on Transparency under Regulation 2016/679 (consultation closes on 23 January 2018)
- Adopted Guidelines on personal data breach notification under Regulation 2016/679
- Adopted Guidelines on automated individual decision-making and profiling for the purposes of Regulation 2016/679
- Adopted Guidelines on the right to “data portability”
- Adopted Guidelines on Data Protection Impact Assessment (DPIA) and determining whether Processing is “likely to result in a high risk” for the purposes of Regulation 2016/679
- Adopted Guidelines on Data Protection Officers (“DPOs”)
- Adopted Guidelines on the application and setting of administrative fines for the purpose of the Regulation 2016/679
- Adopted Guidelines for identifying a controller or processor’s lead supervisory authority
- Opinion 2/2017 on data processing at work
- Opinion 01/2017 on Proposed Regulation for the ePrivacy Regulation
In the UK, which will apply the GDPR prior to and for some time after Brexit, there is currently a draft Data Protection Bill making its way through the British Parliament. If adopted in its current form, the Bill will serve to implement the GDPR, including various derogations. For UK-based companies, it may also be helpful to consider the following guidelines published by the UK Information Commissioner’s Office (ICO):
- Self-assessment GDPR checklist for controllers and processors
- Preparing for the GDPR: 12 steps to take now
- Children and the GDPR guidance (draft; consultation closes on 28 February 2018)
- ICO’s GDPR-related blog
National data protection authorities in other countries may also publish helpful GDPR-related checklists or country-specific guidance. The Data Privacy & Cybersecurity team at Squire Patton Boggs has substantial experience counselling clients on how to prepare for and comply with the GDPR in the most practical ways.