Future-Proofing Privacy A guide to preparing for the EU Data Protection Regulation

The Regulation will have a significant impact on service providers/vendors (i.e. data processors) and organisations that engage them because:

  • The Regulation imposes a number of detailed obligations and restrictions directly on processors, unlike the current Directive that only applies to data controller
  • A processor will be fully liable for the actions of any sub-processor that it uses to provide its services and will be required to flow down its obligations under the Regulation to the sub-processor
  • There are significant penalties which can be imposed on processors for failure to comply with their increased responsibilities and individuals have enhanced rights to seek compensation directly from service providers
  • The new law is much more prescriptive about the contractual arrangements that must be in place between controllers and processors than under the current Directive

Read More

Post By Nix (1,198 Posts)