Information about people is becoming increasingly valuable. Enabled by new technologies, organizations collect and process personal data on a large scale. Free flow of data across Europe is vital for the common market, but it also presents a clear risk to the fundamental rights of individuals. This issue was addressed by the Council of the European Union and the European Parliament with the introduction of the General Data Protection Regulation (GDPR).
For many organizations processing personal data, the GDPR came as a shock. Not so much its publication in the spring of 2016, but rather the articles that appeared about it in professional journals and newspapers leading to protests and unrest. “The heavy requirements of the law would cause very expensive measures in companies and organizations”, was a concern. In addition, companies which failed to comply “would face draconian fines”.
This book is intended to explain where these requirements came from and to prove that the GDPR is not incomprehensible and that its principles are in fact remarkably easy to understand. It will help anyone in charge of, or involved in, the processing of personal data to take advantage of innovative processing technologies without being unduly hindered by the limitations of the GDPR. The many examples and references to EDPB (European Data Protection Board) publications, recent news articles and case law clarify the requirements of the law and make them accessible and understandable.
- This book explains the GDPR.
- This book will help anyone in charge of, or involved in, the processing of personal data to take advantage of innovative processing technologies.
- Contains many examples and references to EDPB (European Data Protection Board) publications, recent news articles and case law that clarify the requirements of the GDPR.
'Leo’s book can provide very effective support to you and your colleagues in reaching this understanding and applying it in practice.' - Fintan Swanton, Managing Director of Cygnus Consulting Ltd., Ireland.
PART I: Privacy and data protection history and scope
1. History and context
PART II: Principles and practice of processing
2. Stakeholder roles, rights and obligations
3. The principles of processing personal data
4. Lawful grounds for processing
5. The rights of the data subjects
6. Data governance
7. Processing and the online world
PART III: International data transfers
8. Cross-border transfers within the EEA
9. Cross-border transfers outside the EEA
PART IV: Risk assessment and mitigation
10. Data Protection Impact Assessment (DPIA) and prior consultation
11. Personal data breaches and related procedures
PART V: The supervisory authorities
12. Data Protection Authority (DPA)
Appendix A: Sources
European Data Protection Board (EDPB) Publications