EU General Data Protection Regulation Finally Passes
The European Data Protection Supervisor (EDPS) is an independent supervisory authority whose primary objective is to ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies.
It has been over four years in the making but the EU Parliament and Council have finally approved the (GDPR) after the EU Council of Ministers approved the final text.
The compromise agreement reached just before Christmas has remained intact, having been agreed by both the EU Council of Ministers and Parliament. This decision means that the GDPR text will not be amended further and is now in its final state.
A two-year implementation process will begin once the Official Journal of the EU publishes the regulation - the final step to complete before the regulation becomes EU law.
The real work for European organisations will now begin. The task of picking over the legislation and interpreting what its real impact will be is now underway. The ICO will publish its guidance in due course.
Mark Thompson, privacy lead in KPMG’s cyber security practice, said: “It has been a long time coming; with more suggested amendments than any other EU regulation, we are finally there.
"The EU has finally herded the cats up the hill which sends a firm message to businesses that privacy is at the forefront of the EU’s mind, and organisations need to take action to address their privacy risks.
“Privacy will be catapulted up the list of global organisations enterprise risks, requiring them to re-evaluate take action. It’s clear that by the time the regulation comes into play in 2018, for a number of organisations, there will be a lot of work to do.”
DataIQ: http://bit.ly/1SyIT3p