GDPR: Resistance is Futile

Publication: SC Media
Author: Evan Schuman
Quoted: Donna Taylor

The reach of the GDPR extends well beyond EU borders. Learn why US companies are resistant in complying with the Reg scheduled to go-live on 25 May 2018, despite the hefty fines for those in breach.

https://www.scmagazine.com/resource-library/resource/sc-media/ebook/59cbe7fb70dbb7186c61101d/

EU GDPR: The Special Role and Responsibilities of the DPO

The role and responsibilities of the Data Protection Officer (DPO) in helping an entity to comply with the European Union General Data Protection Regulation (EU GDPR) presents unique challenges in-and-of-itself. However, it also requires a unique working relationship both internally and externally in order to avoid conflicts of interest. This post will explore the delicate balance that must be struck by the DPO in being simultaneously employed by an entity, while maintaining an appropriate distance and autonomy from that same entity in the performance of his/her duties. Although employed by the entity that collects, stores, and processes data, the DPO’s ultimate loyalty is owed to the Data Subject.

Continue reading “EU GDPR: The Special Role and Responsibilities of the DPO”

EU GDPR: Recommendations for Data Protection Compliance

In a previous post I highlighted and analyzed various aspects of the European Union General Data Protection Regulation (EU GDPR) and provided a summary of my recommendations. This post will more fully explore some of them specifically. My recommendations are listed in sequential order, because it’s crucial that those responsible for the protection of EU citizens’ data take-the-lead in the development and execution of their firm’s protocols. This is true whether an entity is required to hire/assign a Data Protection Officer (DPO) or gives the responsibility to the Data Controller. It is also important to note that recent court rulings have shown an increasing willingness to hold individuals responsible, not merely the firms for which they work.

Continue reading “EU GDPR: Recommendations for Data Protection Compliance”

EU GDPR: Data Protection Compliance

The European Union General Data Protection Regulation (EU GDPR) was adopted on 27 April 2016 and will go into effect on 25 May 2018. Halfway through this “transition period,” few companies are prepared to address the enhanced data protection requirements outlined in the Reg. Confusion about, and interpretation of, any document with legal effect presents challenges to those impacted by it. This is especially true when the stakes are so high.

Continue reading “EU GDPR: Data Protection Compliance”

EU GDPR: Definitions

It is vital to understand the definitions contained within the European Union General Data Protection Regulation (EU GDPR) in order to comply with the provisions; this is true for any document with legal effect. While it is tempting to assume the meaning of a word or phrase, it would be unwise to guess at it. Therefore, I have created this blog post to identify and define within the meaning of this Reg certain key words and phrases. This posting may prove useful as you read my other blogs related to the EU GDPR.

Continue reading “EU GDPR: Definitions”