The GDPR will place an enhanced compliance burden on data controllers and processors. Understanding the main requirements will be crucial. We look at data breach reporting, Data Protection Officer and Data Impact Assessment requirements, and at how to maintain an audit trail in order to demonstrate compliance to the regulators and to individuals.
The GDPR will bring in sweeping changes to the obligations on data processors, whether on site or in the cloud. We look at the new compliance points for processors, particularly with reference to the cloud. We also consider the impact in Germany which has had stricter requirements around data processors than the UK for some time, and at special obligations in France on data processors of health data.
Global Data Hub considers whether the proposed General Data Protection Regulation really delivers a harmonised EU data protection regime. We look particularly at the core issues of the GDPR's territorial reach, the 'one stop shop' mechanism and the new enforcement regime.