Essential Guide

Essential guide to the EU General Data Protection Regulation (GDPR)

A guide to the new European Union data protection laws and how they affect your organisation


The European Union’s General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. GDPR will introduce new accountability obligations and stronger rights and restrictions on international data flows.

Against a backdrop of radical technological advances and the Snowden revelations about data surveillance, the new framework is ambitious, complex and strict. It presents any organisation that has so far failed to begin preparations with a steep challenge to become compliant in time.

GDPR introduces new obligations for any organisation that handles data about EU citizens - whether that organisation is located in the EU or not. It introduces data breach notification into European law for the first time. And it places stricter responsibilities on organisations to prove they are adequately managing and protecting personal data.

In this guide, we examine the challenges, opportunities and key actions that all organisations need to consider in preparing for GDPR.

EU data protection: Essential guide (PDF)

1What you need to know-

GDPR: What IT professionals need to know

What is GDPR, and what do IT leaders and IT professionals need to know about the new data protection laws?


D-Day for GDPR is 25 May 2018

The European Parliament’s official publication of the General Data Protection Regulation means it will become enforceable on 25 May 2018 Continue Reading


10 key facts businesses need to note about the GDPR

With less than two years before the new EU data protection rules come into force, there are key areas businesses need to focus on to ensure they will be compliant Continue Reading


Europe’s CIOs examine impact of new data protection regulation

Belgian IT leader group Beltug is joining other organisations across Europe in preparing for the General Data Protection Regulation (GDPR) Continue Reading


Security Think Tank: Understanding compliance with the GDPR

What is the role of information security professionals in helping organisations to ensure they are compliant with the EU’s General Data Protection Regulation (GDPR) by 25 May 2018? Continue Reading


Security Think Tank: Key GDPR issues for infosec pros to address

What is the role of information security professionals in ensuring organisations comply with the EU General Data Protection Regulation (GDPR) by 25 May 2018? Continue Reading


EU data protection rules affect everyone, say legal experts

The EU's new data protection rules will impact every entity that holds or uses European personal data both inside and outside of Europe, according to legal experts Continue Reading

2GDPR compliance-

Preparing for GDPR

All organisations face an onerous task to prepare for GDPR compliance - we examine the challenges


Businesses underprepared for GDPR, study shows

Lack of consumer and regulatory understanding, combined with low technical and cultural preparedness, represents a major threat to revenue and brand value, according to a Symantec state of privacy report Continue Reading


What the EU’s new data protection laws mean for UK industry

The General Data Protection Regulation, which will come into force on 25 May 2018, could have a big impact on any company in the world that deals with the personal data of EU citizens Continue Reading


New EU data protection laws to force global business strategy rethink

More than two-thirds of global firms expect new EU data protection laws to dramatically increase costs of doing business in Europe Continue Reading


UK and European firms invest in data protection ahead of GDPR

European firms are set to invest in data protection in 2016, with enforcement of the EU General Data Protection Regulation just two years away, Computer Weekly’s IT priorities survey shows Continue Reading


Europe fires starting gun for dash to GDPR compliance

A last dash for compliance with the general data protection regulation (GDPR) has begun across Europe and, despite the two-year warning, some organisations will fall short and for UK firms Brexit is no excuse Continue Reading


Most cloud applications not GDPR-ready, report reveals

Just 2% of more than 15,000 enterprise cloud application analysed are GDPR-ready, according to a cloud risk report Continue Reading

3What GDPR means for you-

GDPR: How it will affect your organisation

GDPR compliance is a critical task for every organisation - but what will be the impact of other issues such as Brexit, skills, or international trade? We look at the issues that affect you


IT decision makers admit they need to do more to protect data

More than a quarter of IT decision makers at UK organisations admit they need to do more to protect data, a survey reveals Continue Reading

Blog Post

Why EU data protection will still apply to post-Brexit UK

For commercial, legal and moral reasons the EU GDPR, or something that mimics it, will apply in the UK following Brexit. Continue Reading


GDPR will require 28,000 DPOs in Europe and US, study shows

The staffing impact of the GDPR will be huge, with 28,000 data protection officers (DPOs) in Europe and the US alone, says the International Association of Privacy Professionals Continue Reading

Blog Post

Data Protection - Objectives or Outcomes?

One of the greatest challenges faced by Privacy and Data Protection professionals is demonstrating that their organisations have complied with the requirements of the various laws governing the ... Continue Reading


Law firms planning litigation market for GDPR

Businesses should be preparing for the storm of litigation that is likely to be unleashed when the GDPR goes into force, warns Stewart Room of PwC Legal Continue Reading