Data Protection Implementation Guide


Book Description

The complexities of implementing the General Data Protection Regulation (GDPR) continue to grow as it progresses through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities, and the courts. This eminently practical guide to implementing the GDPR – written in an original, problem-solving style by a highly experienced data protection expert with equal knowledge of both law and technology – provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks and then implementing these changes through processes at the operational level. With detailed attention to case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance proceeds systematically through such topics and issues as the following: required documentation, policies, and procedures; risk assessment tools and analysis frameworks; children’s data; employee and health data; international transfers post-Schrems II; data subject rights including the right of access; data retention and erasure; tracking and surveillance; and effects of technologies such as artificial intelligence, biometrics, and machine learning. With its practical examples derived from the author’s experience in building GDPR-compliant software, as well as its analysis of case law and enforcement priorities, this incomparable guide enables company data protection officers and compliance staff to advise on key issues with full awareness of the legal and reputational risks and how to mitigate them. It is also sure to be of immeasurable value to concerned regulators and policymakers at all government levels. “…it's going to be the go to resource for practitioners.” Tom Gilligan, Data Protection Consultant, September 2021 "I purchased this book recently and I’m very glad I did. It’s the textbook I have been waiting for. As someone relatively new to data protection, I was finding it very difficult to find books on the practical side of data protection. This book is very clearly laid out with practical examples and case law given for each topic, which is immensely helpful. I would recommend it to any data protection practitioners." Jennifer Breslin, LLM CIPP/E, AIPP Member




The EU General Data Protection Regulation (GDPR)


Book Description

This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things.Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.




Data Protection Compliance


Book Description




Handbook on European data protection law


Book Description

The rapid development of information technology has exacerbated the need for robust personal data protection, the right to which is safeguarded by both European Union (EU) and Council of Europe (CoE) instruments. Safeguarding this important right entails new and significant challenges as technological advances expand the frontiers of areas such as surveillance, communication interception and data storage. This handbook is designed to familiarise legal practitioners not specialised in data protection with this emerging area of the law. It provides an overview of the EU’s and the CoE’s applicable legal frameworks. It also explains key case law, summarising major rulings of both the Court of Justice of the European Union and the European Court of Human Rights. In addition, it presents hypothetical scenarios that serve as practical illustrations of the diverse issues encountered in this ever-evolving field.




Data Protection Implementation Guide


Book Description

The complexities of implementing the General Data Protection Regulation (GDPR) continue to grow as it progresses through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities, and the courts. This eminently practical guide to implementing the GDPR - written in an original, problem-solving style by a highly experienced data protection expert with equal knowledge of both law and technology - provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks and then implementing these changes through processes at the operational level. With detailed attention to case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance proceeds systematically through such topics and issues as the following: required documentation, policies, and procedures; risk assessment tools and analysis frameworks; children's data; employee and health data; international transfers post-Schrems II; data subject rights including the right of access; data retention and erasure; tracking and surveillance; and effects of technologies such as artificial intelligence, biometrics, and machine learning. With its practical examples derived from the author's experience in building GDPR-compliant software, as well as its analysis of case law and enforcement priorities, this incomparable guide enables company data protection officers and compliance staff to advise on key issues with full awareness of the legal and reputational risks and how to mitigate them. It is also sure to be of immeasurable value to concerned regulators and policymakers at all government levels. Disclaimer: This title is in pre-production and any names, credits or associations are subject to change. The current table of contents and subject matter is for pre-release sample purposes only.




The California Consumer Privacy Act (CCPA)


Book Description

Prepare your business for CCPA compliance with our implementation guide that: - Provides the reader with a comprehensive understanding of the legislation by explaining key terms - Explains how a business can implement strategies to comply with the CCPA - Discusses potential developments of the CCPA to further aid compliance




Guide to Protecting the Confidentiality of Personally Identifiable Information


Book Description

The escalation of security breaches involving personally identifiable information (PII) has contributed to the loss of millions of records over the past few years. Breaches involving PII are hazardous to both individuals and org. Individual harms may include identity theft, embarrassment, or blackmail. Organ. harms may include a loss of public trust, legal liability, or remediation costs. To protect the confidentiality of PII, org. should use a risk-based approach. This report provides guidelines for a risk-based approach to protecting the confidentiality of PII. The recommend. here are intended primarily for U.S. Fed. gov¿t. agencies and those who conduct business on behalf of the agencies, but other org. may find portions of the publication useful.




Data Protection and Privacy Implementation


Book Description

This book is on Data Protection and Privacy Implementation and has been written in the context of recent global developments on the data privacy front. The book has been co-authored by RK Dubey, ex-CMD, Canara Bank and Ajay Kr Verma, who was the Program Director and Business Head with Hewlett Packard Enterprise Services, India for its BFSI operations in eastern region. Kiran Karnik, former President of NASSCOM has written foreword to this book.The primary objective of this book is to provide an understanding of the new data protection regulations in simplified terms and serve as a self assessment tool and implementation guide.The European Union - General Data Protection Regulation (GDPR), implemented last year on 25 May'2018, has been a landmark development, in data privacy. The California Consumer Protection Act (CCPA) is a foremost data privacy legislation passed in US and takes effect from 1st Jan'2020. Similar regulatory developments are taking place in many countries across the world.In India, Justice Srikrishna committee has submitted 'Personal Data Protection Bill', to the Government and the same is expected to be enacted soon. This will have far reaching repercussions and shall bring significant compliance obligations on the industry.The book provides a high level of view of the global data privacy frameworks and major regulations across countries including FIPPS, HIPPA, OECD guidelines, APEC privacy framework, EU directive 95/46/EC and GDPR, which have contributed to the prevailing data privacy laws.The book covers various provisions of India's Personal Data Protection Bill - data protection obligations, lawful grounds for processing, rights of individuals, transparency & accountability requirements, cross border data transfers, Data Protection Authority, appellate process and various penalties provisions.It provides a detailed guidance along with templates for self assessment and implementation across industries, in particular the small and medium business segment. It details steps for a data privacy implementation covering: -Define data privacy policy & compliance framework-Lay down methodology for data mapping and gap assessments-Imparting training & creating awareness of users-Develop privacy notice and contents-Role of Data Protection Officer-Steps for Data Privacy Impact Assessments-Conduct of data audits-Implementation of various security safeguards including ISO/IEC 27001-Deployment of privacy enhancing technologies.The book also brings an industry perspective of the compliance expectations and challenges. CEOs and industry leaders from various consulting organizations and sectors- Banking, Financial services, Health and Education- have contributed to this effort, by sharing their views on various provisions of the regulations and challenges expected in compliance.




The California Privacy Rights Act (CPRA) - An Implementation and Compliance Guide


Book Description

The California Privacy Rights Act (CPRA) - An implementation and compliance guide is essential reading. Not only does it serve as an introduction to the legislation, it also discusses the challenges a business may face when trying to achieve CPRA compliance.




EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition


Book Description

Now in its fourth edition, this bestselling guide is the ideal companion for anyone carrying out a GDPR (General Data Protection Regulation) compliance project. It provides comprehensive guidance and practical advice on complying with the Regulation. Our experts have put together a supplement that sets out specific extra or amended information for this guide. Please use the following link https://www.itgovernancepublishing.co.uk/topic/uk-gdpr-supplemental-material to download the supplement.