The changes which are to be ushered in by the GDPR from Friday 25 May 2018 are substantial and ambitious. The Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years, and concepts to be introduced such as the ‘right to be forgotten’, data portability, data breach notification and accountability (to call out only a few) will take some getting used to. Even its legal medium – a regulation
not a directive – makes the GDPR an unusual piece of legislation for data protection lawyers to analyse.
This guide seeks to summarise the key changes that the new law will bring and to highlight the most important actions which organisations should take in preparing to comply with it.
IANAL. Bird & Bird are.