The Spanish Data Protection Agency (AEPD) has released two documents containing a series of measures that every Public Administration must implement by May 25, 2018. The aim is for Public Administrations to understand the practical implications of the new legislation so that they can take all necessary measures to comply with the provisions set out in it. "The impact of the GDPR on the activity of Public Administrations": This document sets out fifteen points that summarize the most relevant aspects that must be implemented, including the particularities of each area that Public Administrations shall take into account. These include: the need to exactly identify the purposes of the processing, to offer data subjects additional and concise information, to establish simple means for the citizens to exercise their rights, to carry out risk analysis and to designate a Data Protection Officer (DPO). "The Data Protection Officer in Public Administrations": The GDPR establishes the need to appoint a DPO as mandatory for Public Administrations and entities. Such DPO must be designated before May, 2018. The document includes the position and functions of the DPO, as well as the required professional skills.