A concise introduction to EU GDPR and EU-US Privacy Shield
The EU General Data Protection Regulation will unify data protection and simplify the use of personal data across the EU when it comes into force in May 2018.
It will also apply to every organisation in the world that processes personal information of EU residents.
US organisations that process EU residents' personal data will be able to comply with the GDPR via the EU-US Privacy Shield (the successor to the Safe Harbor framework), which permits international data transfers of EU data to US organisations that self-certify that they have met a number of requirements.
EU GDPR & EU-US Privacy Shield – A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for US organisations in handling data of EU citizens, including guidance on the EU-US Privacy Shield.
EU GDPR & EU-US Privacy Shield – A Pocket Guide sets out:
• A brief history of data protection and national data protection laws in the EU (such as the UK DPA, German BDSG and French LIL).
• The terms and definitions used in the GDPR, including explanations.
• The key requirements of the GDPR, including:
◦ Which fines apply to which Articles;
◦ The six principles that should be applied to any collection and processing of personal data;
◦ The Regulation’s applicability;
◦ Data subjects’ rights;
◦ Data protection impact assessments (DPIAs);
◦ The role of the data protection officer (DPO) and whether you need one;
◦ Data breaches, and the notification of supervisory authorities and data subjects;
◦ Obligations for international data transfers.
• How to comply with the Regulation, including:
◦ Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records);
◦ The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data);
◦ The “appropriate technical and organisational measures” you need to take to ensure your compliance with the Regulation.
• The history and principles of the EU-US Privacy Shield, and an overview of what organisations must do to comply.
• A full index of the Regulation, enabling you to find relevant Articles quickly and easily.