General Data Protection Regulation (GDPR, or officially -?Regulation 2016/679) is finally adopted and published in Official Journal of the European Union last week, on May 4, 2016. It took more than 4 years for GDPR to be finalised since European Commission published first draft on January 25, 2012.?GDPR?will become in full force on May?25, 2018, – 2 years and 20 days after its publication.
Commission by May 25, 2020 and every four years thereafter, will have submit a report to the European Parliament and to the Council on the evaluation and review of GDPR. Those?reports will be made public.
For business – although there are 2 years when GDPR comes into full force – it is strongly advised to start preparing right now as GDPR?contains wide range of changes to EU data protection laws. For example, many organisations will have to?appoint a data protection officer, report data breaches,?undertake privacy impact assessments and more.?In addition, sanctions for serious breaches of the GDPR are increased dramatically?- fines my reach ?20 million or up to 4% of global annual turnover, whichever is the greater.
Here are some resources to help you prepare to GDPR:
- British data protection authority – Information Commissioner’s Office has published a useful 12-step guide ?Preparing for the General Data Protection Regulation ? 12 steps to take now?.
- Another useful report is prepared by BNA:?From Passage to Proposal – EU Data Protection Regulation?(free registration may be required for download).
- On IAPP’s resource center on EU data protection reform you will find different useful resources.
Read also full text of GDPR:?http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
Along with GDPR two more documents related to data protection ware published: