As we wrote about just before Christmas 2016 (see here), the official forum for EU Data Protection Regulators, the EU’s Article 29 Working Party (WP29), issued its much-awaited guidelines on certain aspects of GDPR (concerning Data Protection Officers, the Lead Supervisory Authority, and, the Right to Data Portability).
Now the WP29 has set out its GDPR Action Plan for 2017 (see here), which in sum will consist of issuing Guidelines about the following:
- Certification and processing likely to result in high risk and Data Protection Impact Assessments;
- Administrative fines;
- Setting up the European Data Protection Board structure in terms of its administration and the preparation of the One-Stop-Shop and the consistency mechanism;
- Consent and profiling; and,
In addition, the WP29 “will work on the update of already existing referentials and opinions that relate to data transfers to third countries and data breach notifications.”
We have developed a special solution to assist with compliance with EU GDPR called Cordery GDPR Navigator – more details about this can be found here. We also write regularly and produce films about data protection and privacy issues which can be found here.
For more information please contact André Bywater or Jonathan Armstrong who are lawyers with Cordery in London where their focus is on compliance issues.
Office: +44 (0)207 075 1785
Office: +44 (0)207 075 1784