Following the adoption of the new EU General Data Protection Regulation (GDPR) on 27 April 2016, most organisations began to re-examine their internal processes and procedures in order to ensure compliance with the new requirements before its entry into force in May 2018. In this seventh article, we will describe the legal landscape for transfers of personal data under the GDPR and provide guidelines for companies on how to implement a compliant cross-border data transfer strategy.
The GDPR essentially contains the same set of tools as under the current 1995 Data Protection Directive. Some new elements are however provided under the GDPR, the most important being the removal of the requirement to request a prior authorisation to the Data Protection Authority (DPA) for...
|