Data Protection and Compliance, 2nd Edition by Stewart Room, Michelle Maher, Niall O'Brien, Adam Panagiotopoulos, Shervin Nahid, Richard Hall, Tughan Thuraisingam, James Drury-Smith, Simon Davis, Mark Hendry, Jamie Taylor, Ben Johnson

This chapter outlines some of the mechanisms within the GDPR that are designed to help controllers and processors to achieve operationally required standards of data protection. As well as supporting the achievement of operational outcomes, these mechanisms constitute standalone legal duties in their own right, meaning that a controller or processor could face regulatory action or legal proceedings for failing to implement the compliance mechanisms, regardless of the actual consequences for data processing.

MECHANISMS WITHIN THE GDPR

One of the most impactful innovations of the GDPR is the requirement for controllers to be able to demonstrate compliance. This covers the ...