EU General Data Protection Regulation (GDPR), third edition

An Implementation and Compliance Guide

By (author) IT Governance

Publication date: 31 Oct 2019

All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the GDPR (General Data Protection Regulation). Failure to do so could cost them up to €20 million or 4% of annual global turnover in fines, whichever is greater.

Now in its third edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive book providing detailed commentary on the Regulation.

Read this book to learn about:

  • The purpose of the GDPR and its key definitions;
  • The DPO (data protection officer) role, including whether you need one and what they should do;
  • Risk management and DPIAs (data protection impact assessments), including how, when and why to conduct one;
  • Data subjects’ rights, including consent and the withdrawal of consent, DSARs (data subject access requests) and how to handle them, and data controllers and processors’ obligations;
  • International data transfers to ‘third countries’, including guidance on adequacy decisions and appropriate safeguards, the EU-US Privacy Shield, international organisations, limited transfers and Cloud providers; and
  • How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance.

This guide is a perfect companion for anyone managing a GDPR compliance project. It explains the changes you need to make to your data protection and information security regimes and tells you exactly what you need to do to avoid severe financial penalties.

Start your compliance journey now and buy this book today.

Not available to order

IT Governance is a leading global provider of IT governance, risk management and compliance expertise, and we pride ourselves on our ability to deliver a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.

Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, and our understanding of the background and drivers for the GDPR, as well as the input of our fast-growing team of consultants and trainers, are combined in this manual to provide this must-have guide to GDPR compliance. 

Dimensions: 216x140mm

404 pages

Imprint: ITGP

Introduction

Chapter 1: Scope, controllers and processors

Chapter 2: Six data processing principles

Chapter 3: Data subjects’ rights

Chapter 4: Privacy compliance frameworks

Chapter 5: Information security as part of data protection

Chapter 6: Lawfulness and consent

Chapter 7: Subject access requests

Chapter 8: Role of the data protection officer

Chapter 9: Data mapping

Chapter 10: Requirements for data protection impact assessments

Chapter 11: Risk management and DPIAs

Chapter 12: Conducting DPIAs

Chapter 13: Managing personal data internationally

Chapter 14: Incident response management and reporting

Chapter 15: GDPR enforcement

Chapter 16: Transitioning and demonstrating compliance

Appendix 1: Index of the Regulation

Appendix 2: EU/EEA national supervisory authorities

Appendix 3: Implementation FAQ

IT Governance resources