Large-scale data loss and data privacy compliance breaches continue to make headline news, highlighting the need for stringent data protection policies, especially when personal or commercially sensitive information is at stake. While regulations and legislation exist to address these issues, how organisations can best tailor their compliance approaches to their own operational circumstances has remained an open question. The focus of this book is on operationalising a truly risk-based approach to data protection and compliance, beyond just emphasis on regulatory frameworks and legalistic compliance.
Innehållsförteckning
Part I – The Big Picture
1. Introduction to data protection
2. Introduction to the GDPR
3. Introduction to e Privacy
4. Introduction to operational data protection
Part II – Core Law
5. The principles of data protection
6. The rights of data subjects
Part III – Operating Internationally
7. National supervision within an international framework
8. Transferring data between the GDPR landmass and third countries
9. Data protection beyond the GDPR landmass
Part IV – Delivery
10. Mechanisms to support operational compliance
11. Programmatic approaches for delivering data protection by design and default
12. Being accountable for records of processing, legitimate interests and risk management
13. ’The journey to code’
Part V – Adverse Scrutiny
14. How to prepare for the risks of challenge and ’adverse scrutiny’
15. Complaints, rights requests, regulatory investigations and litigation
16. Regulatory action
17. Handling personal data breaches
Om författaren
Stewart Room is a barrister and solicitor, and is President of the National Association of Data Protection and Freedom of Information Officers (NADPO).