EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide, Third Edition

  • 4h 11m
  • IT Governance Privacy Team
  • IT Governance
  • 2019

Understand your GDPR obligations and prioritise the steps you need to take to comply

All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the GDPR (General Data Protection Regulation). Failure to do so could cost them up to €20 million or 4% of annual global turnover in fines, whichever is greater.

Now in its third edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive book providing detailed commentary on the Regulation. It sets out the obligations of data processors and controllers in simple terms and will help you understand how to achieve compliance with the GDPR.

Read this book to learn about:

  • The purpose of the GDPR and its key definitions;
  • The DPO (data protection officer) role, including whether you need one and what they should do;
  • Risk management and DPIAs (data protection impact assessments), including how, when and why to conduct one;
  • Data subjects’ rights, including consent and the withdrawal of consent, DSARs (data subject access requests) and how to handle them, and data controllers and processors’ obligations;
  • International data transfers to ‘third countries’, including guidance on adequacy decisions and appropriate safeguards, the EU-US Privacy Shield, international organisations, limited transfers and Cloud providers; and
  • How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance.

Brexit and the GDPR

UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The DPA 2018 enacts the Regulation’s requirements in UK law and, after Brexit, the government plans to combine the provisions of the EU GDPR with the ‘applied GDPR’ (Part 2, Chapter 3 of the DPA 2018) to form a data processing regime that will work in a UK context. This will be called the ‘UK GDPR’.

This guide is a perfect companion for anyone managing a GDPR compliance project. It explains the changes you need to make to your data protection and information security regimes and tells you exactly what you need to do to avoid severe financial penalties.

Avoid “effective, proportionate and dissuasive” fines. Start your compliance journey now and buy this book today.

About the Author

IT Governance is a leading global provider of IT governance, risk management and compliance expertise, and we pride ourselves on our ability to deliver a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.

Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, and our understanding of the background and drivers for the GDPR, as well as the input of our fast-growing team of consultants and trainers, are combined in this manual to provide this must-have guide to GDPR compliance.

In this Book

  • Scope, Controllers and Processors
  • Six Data Processing Principles
  • Data Subjects' Rights
  • Privacy Compliance Frameworks
  • Information Security as Part of Data Protection
  • Lawfulness and Consent
  • Subject Access Requests
  • Role of the Data Protection Officer
  • Data Mapping
  • Requirements for Data Protection Impact Assessments
  • Risk Management and DPIAs
  • Conducting DPIAs
  • Managing Personal Data Internationally
  • Incident Response Management and Reporting
  • GDPR Enforcement
  • Transitioning and Demonstrating Compliance