Creating a Public Sector GDPR Compliance Handbook

Alex Nunn, Tamsin Bowers-Brown

Abstract


This case specific exercise is built around a hypothetical role type scenario, which will require participants to explore and put into practice the main aspects of the General Data Protection Regulation, which is due to take effect on May 28th, 2018. As the Deputy General Counsel for Her Majesty’s Government Information & Cyberspace Commission you have been assigned with the task of putting together a detailed set of guidelines for use by all Public-Sector Personnel, whose purpose will be twofold: One, to outline the main aspects of the GDPR, especially with regard to the similarities and differences it may contain when compared to the regulatory instrument it supersedes (namely, EC Directive 95/64). Within the context of this task it would be essential to look into areas, such as: a) The Evolution of the Concept of Privacy in EU Data Protection Law (with references to relevant Domestic Law where necessary); b) The Key Principles of Data Protection Legislation; c) The Type of Data and Type of Processing; d) The Protection of Privacy in the Digital Age; e) The Concept of Privacy in the 21st Century Global Networked Environment; f) The Main Roles in the Modern Data Protection Environment; g) General Rules and Principles; and h) Data Management Processes. Two, to outline the specifics of the Role of the Data Protection Officer, in accordance with the provisions of the new legislation. Within the context of this task it would be essential to look into areas, such as: a) The History of Supervisory Authorities in Europe Before and After the Introduction of the GDPR; b) The Evolution of the Role of the Data Protection Officer; c) The Most Essential Skills of a Data Protection Officer; d) The Role of the Data Protection Officer Within the Context of the GDPR; e) The Role of the Data Protection Officer Within the Risk and Impact Assessment Process; f) The Role of the Data Protection Officer in Practice.


Keywords


General Data Protection Regulation; privacy; Data Protection Legislation; Data Management Processes

Full Text:

PDF

Refbacks

  • There are currently no refbacks.


Iscrizione al R.O.C. n. 25223
Registro Stampa presso il Tribunale di Napoli, n. 48 del 03.12.2019
R.G. n. 8014/19