There are just 6 months to go until the EU General Data Protection Regulation (GDPR) takes effect across the European Union on 25 May 2018. The clock is ticking for all business to finalise their plans for the data protection and privacy revolution.

With 6 months left to prepare, organisations are moving from the planning to delivery phases of their GDPR readiness projects. Some key actions and deliverables which organisations should be focusing on now include:

  • devising a detailed record of data processing activities;
  • revising and issuing data protection notices;
  • amending existing data processing agreements and/or crafting new template data processing clauses;
  • implementing and testing a security incident and breach management plan;
  • creating data protection impact assessment processes; and
  • training staff and testing systems.

The next 6 months are all about the GDPR, see our recent insights and articles on the recent Article 29 Working Party Guidelines concerning:

  • personal data breach notifications under the GDPR;
  • administrative fines under the GDPR; and
  • automated individual decision-making & profiling under the GDPR.