|
GDPR guidance: What do we have so far?
There are 14 months to go until we need to comply with the EU General Data Protection Regulation (GDPR), and we have been eagerly awaiting official guidance on the requirements. So what do we have so far and what is expected soon?
UK Information Commissioner’s Office
Current guidance:
- An overview of the GDPR
- Privacy notices code of practice which has a section on the GDPR
- Draft guidance on consent under the GDPR for public consultation until 31 March 2017
Expected soon (2017):
- Final version of the guidance on consent (following the consultation)
- Guidance on contracts and liability
- Guidance or discussion papers on profiling, risk, children’s personal data and international data transfers
EU Article 29 Working Party
- Guidelines on the right to data portability
- Guidelines on data protection officers
- Guidelines for identifying a lead supervisory authority
Expected soon (2017):
- New guidance on certification, high risk processing and data protection impact assessments, administrative fines, consent, profiling and transparency
- Updates to existing guidance on data transfers to third countries and data breach notifications
- Also working on setting up the European Data Protection Board structure in terms of administration, and preparing the one stop shop and consistency mechanism (which seeks to ensure the GDPR is applied and enforced consistently across the EU).
Olivia Whitcroft, principal of OBEP, 24 March 2017
This article provides general information on the subject matter and is not intended to be relied upon as legal advice. If you would like to discuss this topic, please contact Olivia Whitcroft using the contact details set out here: Contact Details
