ABSTRACT

Following the implementation of the new General Data Protection Regulation on 25 May 2018, organizations should now be fully compliant with their national interpretation of this far-reaching data protection standard. The reality is that most are not; whether through their inappropriate use of online cookies or ineffective physical data security, businesses continue to struggle with the increasing pressure from regulators to apply the Regulation. Non-compliance is widely due to misinterpretation, lack of real-world thinking, and challenges in balancing costs against business practicalities.

This book provides insight into how to achieve effective compliance in a realistic, no-nonsense and efficient way. The authors have over 100 years’ collective international experience in security, compliance and business disciplines and know what it takes to keep companies secure and in line with regulators’ demands. Whether your organization needs to swiftly adopt GDPR standards or apply them in “Business as Usual”, this book provides a wide range of recommendations and explicit examples.

With the likelihood of high-profile penalties causing major reputational damage, this book explains how to reduce risk, run a remedial project, and take immediate steps towards mitigating gaps. Written in plain English, it provides an invaluable international reference for effective GDPR adoption.

Introduction (6 pages)
Section 1: Does the GDPR apply to you? (8 pages)
Section 2: GDPR principles (4 pages)
Section 3: Key roles (7 pages)
Section 4: Rights of the data subject (8 pages)
Section 5: Your GDPR project (12 pages)
Section 6: Information security best practice (12 pages)
Section 7: Awareness (6 pages)
Section 8: Data handling and management (19 pages)
Section 9: Data breaches (7 pages)
Section 10: Your technology environment (4 pages)
Section 11: Assessing your suppliers (7 pages)
Section 12: Direct marketing (7 pages)
Section 13: Privacy Notice(s) (9 pages)
Section 14: The Regulation (87 pages)