Data Protection Implementation Guide is a renowned pragmatic guide to implementing the General Data Protection Regulation (GDPR) that provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks involved, and then carrying out these changes through processes at the operational level. The complexities of putting into action the GDPR continue to grow as it proceeds through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities and the courts. It has been written in an original, problem-solving style by a highly accomplished data protection expert proficient in both law and technology.

What’s in this book:

Delving deep into case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance advances systematically through the following topics and issues:

• required documentation, policies, and procedures;
  
  risk assessment tools and analysis frameworks;
  
  children’s data;
  
  employee and health data;
  
  international transfers post-Schrems II;
  
  data subject rights including the right of access;
  
  data retention and erasure;
  
  tracking and surveillance; and
  
  effects of technologies such as artificial intelligence, biometrics, and machine learning.

How this will help you:

Building on the practical examples derived from the author’s experience in structuring GDPR-compliant software along with its in-depth analysis of case law and enforcement priorities, this one-of-a-kind guide empowers company data protection officers and compliance staff to advise on vital issues with full awareness of the legal and reputational risks and how to mitigate them. It will also be highly appreciated by concerned regulators and policymakers at all government levels.