Overview of the EU General Data Protection Regulation
The EU’s legislative bodies have reached a political agreement on an updated and more harmonised data protection law (the “Regulation”). The Regulation will significantly change EU data protection law, strengthening individual’s rights, expending the territorial scope, increasing compliance obligations and expanding regulator enforcement powers. The formal adoption is expected in Spring 2016, with the Regulation applying from Spring 2018. Organisations will have two years to implement changes to their data protection compliance programmes, business processes, and IT infrastructure to reflect the Regulation’s new requirements.