Showing Posts In "Europe" Category

Top Thoughts for GDPR Third-Party Management

Not only does the General Data Protection Regulation (GDPR) affect compliance for global organizations, the data protection system also will extend to third-party vendors. Some organizations could have hundreds to thousands of relevant third-party vendors and, under GDPR guidelines, will assume the responsibility of ensuring each has an understanding of the different roles defined in […]

Unravelling the GDPR ‘Accountability’ Principle

The General Data Protection Regulation (GDPR) has transformed the theory of accountability from a basic data protection principle to a systematic and proactive approach to personal data collection and handling processes. Factors that constitute the risky behavior that the GDPR seeks to protect include those that may give rise to discrimination, identity theft or fraud; […]

Workplace Drug Testing Guideline

The International Edge for Leaders in Alcohol and Drug Testing iDATIA works hard to ensure that the international industry professionals concerned with achieving and promoting the highest testing integrityhave the proper resources to do so. The association provides guidance on approaching drug-and alcohol-free workplace programs; dealing with positive test results; what drugs to test for; […]

European Data Protection Supervisor Publishes Priorities for 2017

The European Data Protection Supervisor (EDPS) recently published its Priorities for 2017. The EDPS will set its focus on: New legal framework; The protection of confidentiality and privacy in electronic communications; Contributions to a Security Union and Stronger Borders based on respect for fundamental rights; And initiatives related to the European Commission’s Work Programme for […]


On May 25, 2018, the EU General Data Protection Regulation (GDPR) will go into effect, requiring companies that process personally identifiable information of EU residents to comply with a significant number of enhanced data-protection requirements. One of these requirements is an individual’s “right to explanation” of an algorithmic decision made about him or her by […]


In order to ensure businesses are compliant with the Data Protection Act, the Information Commissioner’s Office recently published a guide for small businesses on how to keep their IT systems safe and secure. The ICO offers 10 steps, including assessing the threats and risks to the business; getting in line with Cyber Essentials; securing data […]

WP29 Releases Guidance on DPOs, Data Portability, One-Stop Shop

The European Union’s (EU) Article Working Party recently revealed a number of General Data Protection Regulation (GDPR) application guidance documents. The mandatory Data Protection Officer (DPO) role can be confusing to organizations who question the terms “core activities” and “large scale.” Guidance recommends those in doubt should err on the side of appointing a DPO. […]

The WhatsApp Wake Up Call for Companies Doing Business in the EU

Even though the General Data Protection Regulation (GDPR) doesn’t come into effect until May 2018, the 1995 European Union (EU) Data Protection Directive remains in place – and Data Protection Authorities (DPA) expect compliance with the requirement for local representation. The Data Protection Directive 95/46/EC requires EU member states to impose data protection obligations only […]

Background Screeners, DPOs and Transfers of Data from the EU to the US

Background screening companies that plan to conduct a background investigation or check on an individual who lives, or previously lived and worked, in the European Union (EU) should consider the General Data Protection Regulation (GDPR) before transferring data to the United States from the EU. The GDPR requires the designation of a Data Protection Officer […]


The European Commission unveiled two draft Commission Implementing Decisions that propose amendments to whether a third country provides adequate safeguards to protect personal data. Countries deemed to be adequate to protect consumer are added to the Commission’s “white list,” thus data transfers can be made from the EEA to that country without requiring further safeguards. […]

Subscribe to our Publications