The General Data Protection Regulation (GDPR) will have a far-reaching impact on the processing and protection of personal data in the European Union (EU) and beyond when it becomes applicable on 25 May 2018. It is expected to greatly harmonise the regulation of data controllers and processors offering their services in the EU.
To forestall the risk that regulators in the EU and the Member States send different messages on the Regulation’s provisions, the EU has awarded a grant to a consortium of researchers to develop a harmonised set of training materials that regulators can use to explain some of the most important provisions of the new legislation to stakeholders such as judges, magistrates and civil servants. The announcement was made today by Dr Attila Péterfalvi, President of National Authority for Data Protection and Freedom of Information (NAIH), a member of the research consortium.
The two-year STAR project (Support Training Activities on the data protection Reform) will support the training activities of Data Protection Authorities (DPAs) and data protection officers (DPOs) required by the GDPR. “Each DPA developing such materials in isolation increases the overall cost, risks undermining the harmonising effect of the GDPR and puts greater pressure on its consistency mechanisms,” according to Paul de Hert, co-ordinator of the STAR project and professor of law at the Vrije Universiteit Brussel (VUB).
STAR will develop the training materials in consultation with the DPAs and DPOs and test and validate them in pilot training. “This output will be freely and publicly available in a digital form,” said David Wright, Director of London-based Trilateral Research, one of the partners in the consortium. “Although the STAR project directly addresses EU DPAs and DPOs, it will benefit other privacy professionals in the EU and beyond.”
The new Data Protection Regulation includes many novelties such as the so-called right to be forgotten, the right to data portability, data protection by design, data breach notification, the obligation to conduct data protection impact assessments and much else. “We foresee a need to develop training seminars especially addressing some of these novelties,” added Dr Péterfalvi.
Trilateral offers the full range of General Data Protection Regulation (GDPR) compliance activities to ensure our client’s systems and processes meet the relevant requirements. Visit our DPO service page to assess what you need to be GDPR compliant.