EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition

The updated second edition of the bestselling guide to the changes your organisation needs to make to comply with the EU GDPR.
The EU General Data Protection Regulation (GDPR) will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 – in May 2018.
All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover.
This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.

Product Overview
Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law, explaining the Regulation, and setting out the obligations of data processors and controllers in terms you can understand.

Topics covered include:
The role of the data protection officer (DPO) – including whether you need one and what they should do.
Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct a DPIA.
Data subjects’ rights, including consent and the withdrawal of consent; subject access requests and how to handle them; and data controllers’ and processors’ obligations.
International data transfers to “third countries” – including guidance on adequacy decisions and appropriate safeguards; the EU-US Privacy Shield; international organisations; limited transfers; and Cloud providers.
How to adjust your data protection processes to transition to GDPR compliance, and the best way of demonstrating that compliance.
A full index of the Regulation to help you find the articles and stipulations relevant to your organisation.

New for the second edition:
Additional definitions.
Further guidance on the role of the DPO.
Greater clarification on data subjects’ rights.
Extra guidance on data protection impact assessments.
More detailed information on subject access requests (SARs).
Clarification of consent and the alternative lawful bases for processing personal data.
New appendix: implementation FAQ.
The GDPR will have a significant impact on organisational data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you exactly what you need to do to comply with the new law.

406 pages, Kindle Edition

Published October 14, 2020

About the author

IT Governance

87 books

Community Reviews

5 stars: 1 (8%)
4 stars: 7 (58%)
3 stars: 4 (33%)
2 stars: 0 (0%)
1 star: 0 (0%)
Displaying 1 - 3 of 3 reviews
14 reviews
February 12, 2021
Good book, very well structured and containing a number of useful recommendations for organizations and privacy professionals who are coming new to privacy.
Some parts of the content need updating but that is normal considering how dynamic the privacy environment currently is.
I would recommend this book to anyone who is about to work in the EU privacy field for the first time or to responsibles looking to deploy or design a privacy framework within their companies.
Dolf van der Haven
Author, 9 books, 25 followers
August 15, 2018
Good book introducing GDPR, with useful references to ISO standards such as 27001 and 31000. Some of the URLs mentioned in the book are not working, however. More practical guidance would be welcome, as this is still a fairly theoretical overview.
Svante Bengtson
10 reviews
August 5, 2020
A comprehensive and detailed guide that I felt gave me the necessary knowledge to know where to start our compliance project, and how to get quite far in that project. It opened my eyes to several questions I did not even know I had to ask and has inspired me to seek the knowledge to answer those questions.

I do, however, wish that it had provided some more guidance from the perspective of an international organisation. It doesn't really cover who the contact should be if there is a DPO and an EU representative, nor how the safeguards work when an international organisation collects data, rather than when it's just transferred to one.