TrustArc Blog

The GDPR is Coming: 3 Things for DPOs to Consider About Privacy Awareness

May 31, 2017

by Tom Pendergast

Many of the impacts of the EU’s wide-reaching General Data Protection Regulation (GDPR) are still being hemmed and hawed about, but one thing is clear: more Data Protection Officers will be needed. The IAPP estimated last year that 28,000 new DPOs will be needed to oversee data handling for organizations subject to the GDPR. The mandatory DPO is one of many provisions within the GDPR going into effect in May 2018. (Check out our white paper here for a primer and some industry expert input). While the requirements for getting in compliance with the GDPR are …

1 Year Until EU GDPR Enforcement Begins

May 25, 2017

EU General Data Protection Regulation (GDPR)

The EU GDPR is a law designed to enhance data protection for EU residents and provide a consolidated framework to guide business usage of personal data across the EU, replacing the patchwork of existing regulations and frameworks. The 200-plus page GDPR replaces the 20-year-old Directive (95/46/EC). This new law has received a lot of attention due to its complexity and the associated penalties for noncompliance. Fines can be up to 20,000,000 EUR or 4% of total worldwide annual turnover of the preceding year (whichever is higher). As a result, many organizations are …

Newly Released EU GDPR Guidance

December 21, 2016

The EU GDPR goes into effect in May 2018. While that may seem far away, for many organizations the changes required to become compliant with the new law will take several quarters to implement. Some of the larger changes required will deal with the new “Right to Data Portability,” identifying a lead supervisory authority, and appointing a “Data Protection Officer.” The Article 29 Working Party (WP29) has just released guidance on these three requirements. The guidance is summarized below, along with links to the full documents.

1) Right to Data Portability

Article 20 provides data subjects with the right to …

Majority of Companies Actively Preparing for EU GDPR

November 10, 2016

A new benchmarking study by IAPP & TRUSTe is available: Preparing for the GDPR: DPOs, PIAs, and Data Mapping. Contrary to many mainstream media reports that indicate a lack of GDPR awareness, more than 90% of organizations have begun preparing for GDPR compliance.

Key Takeaways

Over 90% of survey respondents have at least begun preparations for GDPR compliance.

EU companies are further along the compliance path with 67% reporting their implementation is underway or completed vs. 42% for the US.

43% of companies report they already conduct data inventory and mapping projects, and another 30% are planning to do so …