The GDPR is around the corner, and with it come the new requirements. Likely one the most disrupting features of the new law is the requirement to appoint a Data Protection Officer (DPO). This is a new role created to advise organisations on their handling of personal data and acts as the primary contact person for the data protection authorities. While a DPO is not mandatory for every organisation, the regulators encourage organisations to appoint a DPO on a voluntary basis.
By Kim Smouter
The end of 2015 marked the adoption of Europe’s new General Data Protection Regulation, a legislation with massive implications for research organisations collecting and processing data on data subjects located in the European Union. It’s entry into force May 2018 does not leave a lot of time for companies to comply with the law, and there are still many grey areas in the adopted text that need to be clarified. But it may be tempting to focus solely on the General Data Protection Regulation forgetting that there is a whole set of legislation that may have just as much impact.
By Kim Smouter
Earlier this month, I had the pleasure of attending the IAPP Global Privacy Summit in Washington. It’s our way of taking stock of what the global mood is like in terms of data protection and privacy. The Summit also helps us prepare our advocacy, monitoring, and guidance activities to best match the expected calendar for the year.