The EU General Data Protection Regulation (GDPR) represents the biggest change to EU data protection law in more than twenty years.
It has grabbed headlines as a result of its extra-territorial reach and the potentially vast fines for non-compliance. (For a general overview of the GDPR, please refer to our Alert Memo.) With the GDPR’s May 25, 2018 effective date rapidly approaching, the Article 29 Working Party (an advisory group made up of representatives from EU data protection authorities as well as the European Commission) recently published its latest wave of GDPR guidance. In this post, we summarize both the prior guidance and the most recent update, which covers critical issues such as data breach notification requirements and the calculation of penalties for non-compliance.
Click here, to continue reading on the Cleary Cybersecurity and Privacy Watch blog.