After over four years of discussion, the new EU data protection framework has finally been adopted. It takes the form of a Regulation – the General
Data Protection Regulation (GDPR). The GDPR will replace the current Directive and will be directly applicable in all Member States without the need for implementing national legislation. It will not apply until 25 May 2018. However, as it contains some onerous obligations, many of which will take time to prepare for, it will have an immediate impact.
Ever since the European Commission first proposed its text back in 2012, this legislation has attracted a huge amount of attention. It even appears to have been influencing decisions by the Court of Justice of the EU. Organisations across the EU and beyond have been frustrated by the increasing lack of harmonisation across the Member States, despite data flowing increasingly without boundaries. There was a growing desire to get the GDPR agreed quickly, even if that meant that some of the detail is left for later. The EU institutions have certainly stepped up to the plate. Adoption of the GDPR marks a milestone in data protection laws in the EU.
We have summarised key issues as well as ‘8 things you should be doing now to prepare’ in our latest GDPR brochure. To read more please click here.