A guide to the General Data Protection Regulation

For in-house lawyers, Data Protection Officers, and specialists in compliance and privacy protection

Data Protection, Privacy and Security Alert

On 4 May 2016, the text of the General Data Protection Regulation (GDPR) was finally published in the Official Journal of the European Union, concluding over four years of intensive legislative work on a new data protection legal framework for Europe.

The GDPR will be effective from 25 May 2018 when it will replace the existing EC Data Protection Directive (EC/95/46) ('Directive'), bringing new legal rights for individuals, extending the scope of responsibilities for data controllers and processors and enhancing the regime for enforcement to include the risk of fines at up to 4% of an organisation's worldwide annual turnover.

DLA Piper have designed this Guide to provide in-house lawyers, Data Protection Officers and others dealing with privacy compliance issues on a day-to-day basis with an easy-reference manual to the GDPR.

The Guide presents an outline of each section of the GDPR, highlighting the key areas of reform and giving practical pointers about the tasks to take to support compliance, in six sections:

  • Key facts about the GDPR
  • Scope
  • Fair processing and individual rights
  • Accountability within the organisation
  • Managing external flows of data
  • Working with regulators