Do you remember what happened on May 25, 2018?
That was day GDPR came into effect and a new set of requirements for organizations' processing, retention of personal data and documentation became part of the agenda.
On the 2nd anniversary of the EU’s General Data Protection Regulation, the privacy team at our partner, Plesner, prepared a special newsletter in which they cover the first two years of GDPR.
In the newsletter, they have also collected important verdicts from The Danish Data Protection Agency since May 25, 2018.
They go through the following cases:
We can learn a great deal from these cases, and they show us that there are many areas of the Personal Data Protection Regulation that individual companies, organizations, and public institutions must deal with to achieve compliance.
If your organization is still struggling to reach the goal of your GDPR work, then it is not a wonder. Working with GDPR is an ongoing process where you, as a data controller, must be able to handle and document the processing of personal data in accordance with the rules.
It also means that once you comply with the rules, your work on governance begins. Here, for example, controls and reassessments must ensure that continuous compliance work is carried out.
And that can be quite a mouthful to swallow.
In retrospect, Michael Hopp recognizes this when he writes:
“Data protection is an area that is constantly evolving. The flow of new verdicts and rulings is continuous, and the bar for GDPR compliance continues to be raised. In other words, the work on the Personal Data Protection Regulation is comprehensive and legally complicated.”
In collaboration with Plesner, we have developed a GDPR software solution that can help and guide your organization when managing, controlling, and documenting your compliance efforts.
This makes working with GDPR easier and far more manageable.