Andrew Katz, Michaela MacDonald, Tim Astley, Usha Guness, Jiri Svorc and Chris McCormick


While the previous chapter (Chapter 6) looks at data protection legislation and its history, this chapter covers some of the most significant topics in greater depth, examining their practical impact and means of compliance. We suggest that you read Chapter 6 first.

This chapter covers:

  • Data protection by design and default
  • What amounts to ‘processing personal data’ under the GDPR?
  • Creating a ‘record of processing’
  • Deciding upon the lawful basis of processing
  • Drafting data protection policies
  • Data Protection Impact Assessments (DPIAs)
  • Requests from data subjects
  • Children’s personal data
  • Controllers and processors ...

Get A Practical Guide to IT Law, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.