EU Commission publishes GDPR Guidance

As the date of implementation of the General Data Protection Regulation (GDPR), draws ever nearer, the European Commission has published guidance about the regulation, for use by Data Protection Authorities (DPAs), governments, national authorities, businesses and organisations and individuals.

Even though 25 May 2018 is not that far away, there is still plenty of preparation to be done. At the top level, only two countries have currently implemented data protection laws which reflect the stipulations of the GDPR. Further down the ladder, many SMEs are struggling to understand what the GDPR means for them.

What the Commission is doing to help 

Aside from the guidance it has just published, the Commission is also making a financial investment, to help ensure the smooth implementation of the GDPR. 1.7 million euros have been provided to fund DPAs, with a further 2 million euros being made available to help with the support of businesses, with particular emphasis on SMEs.

In addition to the funding, the Commission has launched a tool, which can be used online by anyone who needs advice and information about the GDPR. This is expected to be especially useful for SMEs.

Emphasising the benefits 

The Commission has also taken this opportunity to further emphasise the benefits that the GDPR will provide.

  • A single set of data protection rules across the EU. Although, it’s important to note that individual governments do have some leeway to expand rules, and make additions.
  • Rules that apply to every business or organisation that provides services to EU citizens, no matter where the business or organisation is based.
  • The strengthening of rights for individuals living within the EU.
  • Improved protection against data breaches.
  • Rules that have more impact and where non-compliance can be punished with substantial fines.

The commission will continue to offer support regarding the implementation of the GDPR. It will also monitor what happens once the GDPR becomes law. There are also plans to hold an event twelve months after implementation of the regulation, involving various stakeholders, with a report of the findings due to be produced by May 2020.