A lot has been written about the GDPR, which will apply from 25 May 2018 onwards. There is a multitude of good sources to help make sense of the GDPR and of how this new data protection regulation will change the way organizations collect and process personal data.
During my own study of the GDPR and its operational impacts, I have come across a lot of very useful articles, blog posts, and webinars dealing with the various aspects of the regulation. Most of these resources are free of charge, and some of them will require you to submit some personal details in order to gain access. Some of the more extensive one-stop GDPR asset libraries are partly open for anyone to explore. (See, for example, IAPP’s library and 2twenty4 Consulting’s GDPRwiki.)
Here I’ve collected some of the helpful stuff I’ve found during my exploration. Feel free to check these out and post any additional resources and assets in the comments section. I will add them to the growing list of GDPR resources and assets.
Please note that the usual disclaimer applies: I do not offer legal or compliance advice on any regulatory issue. These third-party resources, assets, etc. are provided as they are, and I claim no ownership over them.
Webinars and videos
- Deloitte Dbriefs Legal (Annika Sponselee, Söntje J. Hilberg & Sebastian Leder): EU General Data Protection Regulation: New challenges and opportunities
- Oracle Data Security (Dinesh Rajasekharan): Accelerate Compliance with EU General Data Protection Regulation
- Bird&Bird and Exove: GDPR – Practical Effects on Digital Business: Juridical, technical, and customer point of view
- Fieldfisher (Philip Lee & Mark Webber): The new EU General Data Protection Regulation in Under 60 Minutes!
- IT Governance: EU General Data Protection Regulation (GDPR) webinars
- Nymity: GDPR Compliance Webinar Series
- Ultima (Martin Collins & Pauline Brace): The European General Data Protection Regulations GDPR Webinar
- Nuix (Panel discussion): EU General Data Protection Regulation (GDPR) Need to Knows
- Bristows (Robert Bond, Janine Regan & Hannah Crowther): GDPR and Data Processors
- RSA Conference (Cindy Compert, IBM Security): Charting the Course to GDPR: Setting Sail
- RSA Conference (John Elliott, easyJet): Virtual Session: GDPR without the Hype
- BytesTechnology: Bytes Webinar – GDPR Compliance The 12 Steps the ICO Recommend
- Business Connections Live: Are You Ready For New EU Data Protection Regulation 2018
- OWASP Göteborg (Marielle Eide): The new General Data Protection Regulation – Are you ready
- Hunton & Williams (Aaron Simpson): GDPR Practice: 30 Minute Guidance Review
- Taylor Wessing (Vinod Bange, Debbie Heywood & Frederick Leentfaar): The core concepts of the GDPR
- Taylor Wessing (Sally Annereau, Jean-David Behlow, Paul Voigt, Lucy Lyons & Debbie Heywood): Key compliance points under the GDPR
Some webinars and videos in Finnish
- Atea (Ismo Karttunen & Heidi Helwe): Webinaaritallenne: GDPR – Miten valmistaudun EU:n tietosuoja-asetukseen? (in Finnish)
- Talent Base (Kaisa Keski-Vähälä): Käytännön kokemuksia tietosuoja-asetukseen liittyvistä asiakascaseista (in Finnish)
- Solita (Panel discussion): EU:n tietosuoja-asetus ja asiakasdatan hyödynnettävyys
- Markkinointi-instituutti (Markus Myhrberg): Uudistuva tietosuojasääntely (in Finnish)
- Enfo (Pekka Hagström): EU-tietosuoja-asetus (GDPR) ja julkinen terveydenhuolto (in Finnish)
- Liikenne- ja viestintäministeriö (Seminar): Tietosuojafoorumi – Muuttuva tiedonhallinnan sääntely 9.6.2017
Presentations
- Under construction
Presentations in Finnish
- itSMF Aamiaisseminaari (Jukk Lång): EU:n tietosuoja-asetuksen liiketoimintavaikutukset yrityksille
- Lexia (Markus Myhrberg): Fintech-yrityksen tietosuoja: Tietosuoja-asetus
- Työpaja: Tietosuojan osoitusvelvollisuutta edistävät työpajatilaisuudet
- Aalto University (Mikko Viemerö): Markkinoiden juridinen toimintaympäristö: Tietosuojalainsäädännön soveltaminen käytännön liiketoiminnassa
- SAS Institute (Jari Perko): GDPR käytännössä: Esimerkkejä ja vinkkejä käytännön työhön
Tools, templates, and methods
- Tim Clements: Multiple articles on the GDPR at LinkedIn (extremely useful for project management purposes and grasping the big GDPR picture)
- WEISF: GDPR Readiness Checklist (xls)
- Voyager: Sample Data Mapping Record (GDPR Impact Assessment) (xls)
- Predictive Analytics: GDPR Business Case Template (xls)
- ThinkGDPR: Data Controllers’ Self Assessment / Data Processors’ Self Assessment
- Manchester Metropolitan University: Privacy impact assessment form (PIA) (doc)
- White Wire: GDPR template repository (in English and Flemish)
- QG Business Solutions: GDPR Essentials
- Freeman Clarke: CEO’s action plan: GDPR – One year to prepare!
- Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein: The Standard Data Protection Model
- Felix Bieker, Michael Friedewald, Marit Hansen, Hannah Obersteller, and Martin Rost: A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation
- Isle of Man Information Commissioner: GDPR Toolkit
- Nymity: Accountability Roadmap for Demonstrable GDPR Compliance
- Nymity: Privacy Management Accountability Framework (PDF – Infographic)
- Nymity: Nymity GDPR Privacy Management Accountability Annotations
- CNIL: Privacy Impact Assessment (PIA) Methodology (how to carry out a PIA)
- CNIL: Privacy Impact Assessment (PIA) Tools (templates and knowledge bases)
- CNIL: Measures for the Privacy Risk Treatment – Good Practices
- Latham & Watkins: GDPR Compliance Checklist
- Clayton Security: GDPR Implementation Standard
- Senya: PII Data Discovery & Classification Template (Senya’s ready-made Excel tool is one of the very few CC-branded commercial templates out there.)
Tools, etc. in Finnish
- Agendium: Tietosuojamalli (7-day free trial; ready-made project management for GDPR compliance)
Infographics etc.
- European Commission: Data protection
- ThinkGDPR: GDPR Infographic
- Sola Consulting: GDPR Readiness Assessment Infographic
- Sola Consulting: What is GDPR?
- Privacy Perfect: Rights and Obligations Under GDPR
- Microsoft: GDPR resources to share with your team
- Digital Guardian: What Does the GDPR Mean for Global Data Protection?
Viewpoints, guides, booklets, white papers, and expositions
- Allen & Overy: The EU General Data Protection Regulation
- Bird&Bird: General Data Protection Regulation / guide to the General Data Protection Regulation
- DLA Piper: A Guide to the General Data Protection Regulation
- DLA Piper: Data Protection Laws of the World
- Linklaters: The General Data Protection Regulation: A survival guide
- Nymity: GDPR Accountability Handbook
- IBM: A Little Bee Book “How it Works” GDPR
- ICO: Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now
- ICO: Conducting privacy impact assessments code of practice / Annexes (including questions for PIA)
- ICO: Subject access code of practice: Dealing with requests from individuals for personal information
- ICO: Privacy notices, transparency and control: A code of practice on communicating privacy information to individuals
- The Office of the Data Protection Commissioner (Ireland): The GDPR and You General Data Protection Regulation
Viewpoints, etc. in Finnish
- Tietosuojavaltuutetun toimisto: Miten valmistautua EU:n tietosuoja-asetukseen? (in Finnish)
I hope that you’ll find these resources useful. Let me know if something interesting or useful is missing.
—
Photo credit: perspec_photo88 via Foter.com / CC BY-SA
This is a really useful list of resources, but when I tried the WEISF readiness checklist xls the link no longer appears to be working. Perhaps you have an alternative spreadsheet that could be listed?
Thanks, John
Hi John!
Great to hear that you found this list of links useful. Unfortunately, I don’t have a local copy available of that particular document.
What kind of checklist are you looking for? Maybe there is some kind of general framework publicly available that you could check out.
Best,
Thomas