The GDPR sets out the rights data subjects have in relation to their personal data, the proper exercise of which allows them to have a better understanding of, and more control over, their personal data. The GDPR obliges organisations to provide transparency on their data processing methods and restore individuals’ sense of control over their personal data. It sets time limits for organisations to respond to subject access requests and introduces new rights, such as the right to data portability, that address some of the outstanding issues that have arisen since the development of the Data Protection Directive (DPD), which is at the basis of much of the GDPR.

From an organisational point of view, the key issue ...

Get EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.