|
Specialists in European Privacy Recruitment
|
+32 (0)2 308 4286
|
|
IS YOUR PRIVACY OFFICE READY FOR THE GDPR? |
THE EU GENERAL DATA PROTECTION REGULATION (GDPR)
After years of debate, the negotiating parties finally agreed on the text for the EU's new General Data Protection Regulation ('GDPR', 'Regulation').
The purpose of the GDPR is to bring a harmonized approach around data protection throughout the EU and ultimately to provide individuals greater protection given the immense developments of our modern technological era.
On 4 May 2016, the Regulation has been published on the Official Journal of the European Union. It it effective as of 25 May 2018.
The purpose of the GDPR is to bring a harmonized approach around data protection throughout the EU and ultimately to provide individuals greater protection given the immense developments of our modern technological era.
On 4 May 2016, the Regulation has been published on the Official Journal of the European Union. It it effective as of 25 May 2018.
WHICH BUSINESSES DOES THE GDPR AFFECT?
The GDPR impacts businesses across all industries and not only organizations with a physical presence in Europe.
Even if you are based outside the EU but are processing the personal data of EU individuals in relation to offering goods/services, or monitoring the behavior of individuals in the EU, you are also subject to its requirements.
Even if you are based outside the EU but are processing the personal data of EU individuals in relation to offering goods/services, or monitoring the behavior of individuals in the EU, you are also subject to its requirements.
THE MANDATORY DPO REQUIREMENT. WHAT IS IT?
One of the new obligations in the GDPR concerns the appointment of Data Protection Officers (DPOs).
The concept of having a privacy professional to guide for compliance is nothing new in Europe but it was previously regulated at Member State level. There was no uniformity.
With the new Regulation, certain private sector organizations must appoint DPOs in Europe, irrespective of their size and whether they are processing personal data in the capacity of a controller or a processor.
The concept of having a privacy professional to guide for compliance is nothing new in Europe but it was previously regulated at Member State level. There was no uniformity.
With the new Regulation, certain private sector organizations must appoint DPOs in Europe, irrespective of their size and whether they are processing personal data in the capacity of a controller or a processor.
Should your business appoint a DPO under the GDPR?
|
* Can you appoint an existing employee as a DPO?
* What are the qualifications you should seek? * To whom should your DPO report? |
A greater need for privacy professionals
Even if you are not obliged to appoint a DPO, you may still need to bring an experienced privacy professional on board.
The GDPR brings many new (or stricter) obligations to businesses which process personal data, such as:
- Extensive notice requirements
- Privacy Impact Assessments (PIAs)
- Stronger rights for individuals
- Record keeping of processing operations
- Privacy by design and by default for each processing
- Breach notification to DPAs
Organizations must therefore manage their privacy compliance in Europe in a more structured manner, through a well-considered strategy rather than sporadic or last-minute remedial action.
A knowledgeable and experienced privacy professional would help you achieve this.
GOT A QUESTION ABOUT FINDING DPOS IN EUROPE?
OR DO YOU HAVE A DPO VACANCY TO FILL RIGHT NOW?
OR DO YOU HAVE A DPO VACANCY TO FILL RIGHT NOW?