Category Archives: Impact, Risk and Measures

WILL THE CONSENT COLLECTED BEFORE THE EFFECTIVE DATE OF GDPR STILL BE VALID?

The “Guide on the Application of the European Personal Data Protection Regulation” published by the Italian DPA states, in the “Recommendations” at the foot of the consensus form, that: “The consent obtained before May 25, 2018 remains valid if it has all of the above characteristics. Otherwise, it is appropriate to work before that date… Read More »

Article 29 Data Protection Working Party Guidelines on Data Protection Impact Assessment (DPIA)

Last April 4, the Article 29 Data Protection Working Party (WP 29) has adopted Guidelines on Data Protection Impact Assessment, first of all defining common criteria for all data controllers, which can support the identification of processing operations that require to carry out a data protection impact assessment. This because it is not compulsory in… Read More »

A checklist to adapt to GDPR

Adapting to GDPR can be a rather complex task: is a substantial Regulation composed of 99 articles and 173 recitals. I thought useful, at least for me, to elaborate a reasoned summary, which directs the mental process to see if and how to adjust business procedures to achieve compliance. As with all summaries, of course,… Read More »

How to prepare to comply to GDPR

The GDPR was born one year ago (on the 27th April, published on GUE on 4th May 2016) and many have not yet outlined an adjustment plan. There is only one year left to comply to (the deadline is established on 25th May 2018). Some data protection authority of each EU Member State have published… Read More »