With just over 100 days left before the application of the new General Data Protection Regulation (“GDPR”), the European Commission has published new guidance that outlines what remains to be done, including additional guidance for SMEs.

Andrus Ansip, European Commission Vice-President for the Digital Single Market, said: “Strengthened EU data protection rules will become a reality on 25 May. It is a major step forward and we are committed to making it a success for everyone”.

The guidance recalls the innovations, operational simplifications and opportunities opened up by the new rules. It looks at the preparatory work already undertaken and outlines what still needs to be done.

Vĕra Jourová, Commissioner for Justice, Consumers and Gender Equality, stated: (…) “we call on EU governments, authorities and businesses to use the remaining time efficiently and fulfil their roles in the preparations for the big day”.

It is essential for companies to have a single and coherent set of guidelines. The Working Party of EU Data Protection Authorities (the “WP29”) is working to update existing opinions, including on the tools for transferring data to non-EU countries.

WP29 Guidelines/working documents in preparation for GDPR’s application
Right to data portability Adopted on 4-5 April 2017
Data protection officers
Designation of the lead Supervisory Authority
Data protection impact assessment Adopted on 3-4 October 2017
Administrative fines Adopted on 3-4 October 2017
Profiling Work ongoing
Data breach Work ongoing
Consent Adopted as a working paper for consultation on 28 November 2017
Transparency Work ongoing
Certification and accreditation Work ongoing
Adequacy referential (updated) Adopted as working paper for consultation on 28 November 2017 (work on additional up-dates ongoing).
Binding corporate rules for controllers Work ongoing
Binding corporate rules for processors Work ongoing
Sources: EU Commission and WP29

Summaries of the rules for business are available from the EC Commission’s web-site.

See FLINN’s web-site for our GDPR Toolkit and further information about data protection.

Article from our member FLINN – Belgium.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *