The EU General Data Protection Regulation will unify data protection and simplify the use of personal data across the EU when it comes into force in May 2018.
It will also apply to every organization in the world that processes personal information of EU residents.
US organizations that process EU residents' personal data will be able to comply with the GDPR via the EU-US Privacy Shield (the successor to the Safe Harbor framework), which permits international data transfers of EU data to US organizations that self-certify that they have met a number of requirements.
EU GDPR & EU-US Privacy Shield – A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for US organizations in handling data of EU citizens, including guidance on the EU-US Privacy Shield.
EU GDPR & EU-US Privacy Shield – A Pocket Guide sets out:
- A brief history of data protection and national data protection laws in the EU (such as the UK DPA, German BDSG and French LIL).
- The terms and definitions used in the GDPR, including explanations.
- The key requirements of the GDPR, including:
- Which fines apply to which Articles;
- The six principles that should be applied to any collection and processing of personal data;
- The Regulation’s applicability;
- Data subjects’ rights;
- Data protection impact assessments (DPIAs);
- The role of the data protection officer (DPO) and whether you need one;
- Data breaches, and the notification of supervisory authorities and data subjects;
- Obligations for international data transfers.
- How to comply with the Regulation, including:
- Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records);
- The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data);
- The “appropriate technical and organizational measures” you need to take to ensure your compliance with the Regulation.
- The history and principles of the EU-US Privacy Shield, and an overview of what organizations must do to comply.
- A full index of the Regulation, enabling you to find relevant Articles quickly and easily.
Essential reading for US organizations wanting an easy to follow overview of the new regulations and the compliance obligations for handling data of EU citizens. Buy your copy today.
1: A Brief History of Data Protection
2: Terms and Definitions
3: The Regulation
4: Complying with the Regulation
5: EU-US Privacy Shield
6: Index of the Regulation
Appendix 1: National Data Protection Authorities
Appendix 2: EU GDPR Resources