Following the adoption of the new EU General Data Protection Regulation (GDPR) on 27 April 2016, most organisations began to re-examine their internal processes and procedures in order to ensure compliance with the new requirements before its entry into force in May 2018. In this third article, we will detail the notions of data protection by design, data protection by default and data protection impact assessment (DPIA), which are tools provided by the GDPR in order to help companies comply with their obligation of accountability described in our article of March.
As mentionned in our previous article, companies will have to implement technical and organisational measures in the context of a new form of data governance. The nature of these measures will be assessed...
|