The European General Data Protection Regulation (now being commonly referred to as the GDPR) appears to have finally reached the end of the EU legislative pipeline with the vote by the European Parliament today, following its adoption by the (EU) Council at the end of last week. Four years in the making and subject to enormous scrutiny and debate the rules are now ready with their publication in the EU Official Journal as the expected next step.
The rules cover many things including mandatory reporting for data breaches, heavier sanctions, extra-territorial jurisdiction, the one-stop-shop, new rights, data protection officers, revised consent, and, data protection impact assessments featuring as key aspects. Although the new rules become fully applicable in all EU Member States in 2018 now is the time to start preparing. In the meantime, for a reminder of the main issues please see our FAQs and a video here, and, for quick and handy reference of key data protection terms please see our glossary here.
For more information please contact Jonathan Armstrong or André Bywater who are lawyers with Cordery in London where their focus is on compliance issues.
Jonathan Armstrong, Cordery, Lexis House, 30 Farringdon Street, London, EC4A 4HH
Office: +44 (0)207 075 1784
André Bywater, Cordery, Lexis House, 30 Farringdon Street, London, EC4A 4HH
Office: +44 (0)207 075 1785