EU General Data Protection Regulation

Full text of the EU General Data Protection Regulation 5419/16

You’ll have read lots of opinions and comments about the EU GDPR – some better informed than others. For data controllers and other professionals, there’s no substitute for reading and understanding the actual regulations. This will never be on the best sellers list, but if you want a real understanding of the implications of GDPR for your business, go to the source.

GDPR - Fix it Fast

Amazon’s best-selling GDPR title

If you are struggling with the full legislative document for the European General Data Protection Regulation, why not try Patrick O’Kane’s snappy guide to implementing the key requirements of GDPR in your business? O’Kane is a lawyer and Data Protection Officer, so he has the perfect grounding for delivering sound practical advice on GDPR. GDPR FIX IT FAST gets great reviews on Amazon – which is quite something for a title like this! If you are running behind with your GDPR implementation, or if you have just been handed that Data Controller responsibility that no-one wanted, this little book might be the quickest way to get up to speed. Grab it here on Amazon – available in old-school paperback or Kindle format. You can check out more GDPR titles on Amazon here.

DfE - Data Protection: a toolkit for schools

UK Government Department for Education’s advice for GDPR compliance for schools

Even if you don’t work in the education sector, this useful guide is worth a look to get an understanding of GDPR and the practical steps required for compliance. Although this is labelled a ‘Beta version’, you would think it’s safe to assume that the Department for Education has had some pretty clever people working on this. It’s also safe to assume that this will have been through the legal department before it was published on the government website, so should be fairly sound advice. To get your copy, download from the DfE website here.

ICO - GDPR Legitimate Interests

The UK’s Information Commissioner’s Office (ICO) digs deep on Legitimate Interests as the basis for processing personal data

‘Legitimate interests’ is one of those terms that many of us involved in data protection and GDPR compliance have become all too familiar with in recent months. Described as the ‘most flexible basis for lawful processing’, it is nevertheless a tricky topic and one where you’ll want to make sure you have a sound case and have ticked all the appropriate boxes if you will be relying on ‘legitimate interests’ for GDPR compliance. There is plenty of detail and practical guidance – and if the ICO hasn’t got it right, there’s little hope for the rest of us! Get the full details here.

EU - Guidance on Fines for GDPR Breaches

The Article 29 Data Protection Working Party guidance on setting fines for GDPR breaches

Something that every business wants to know – what’s it going to cost if we have a data breach or fall foul of the GDPR? At this stage, the truth is that nobody knows. It very much depends on whether regulators take a light-touch approach or dive in heavy-handed and use their substantial powers to fine offenders. While we’ll have to wait and see what approach regulators in EU countries take, this document reiterates the obligations on Data Controllers and companies and outlines the factors that should be considered by regulators when imposing fines and setting the level of fines. Essential reading for Data Protection Officers, Data Controllers and other responsible executives at organisations that may be at risk. See the full document here.