Chapter 15

Data Protection by Design and by Default

IN THIS CHAPTER

Bullet Integrating data protection into your business systems

Bullet Understanding what is meant by data protection by design and by default

Bullet Conducting a Data Protection Impact Assessment

Bullet Hiring a Data Protection Officer

The new obligations introduced by the GDPR include the requirement to implement data protection principles that safeguard individuals’ rights. This is known as data protection by design and by default. What this essentially means is that you consider data protection and privacy upfront in order to integrate protection into your processing activities effectively— starting with the design stage and continuing throughout the whole life cycle. The idea is to take a preventative approach in which you proactively anticipate privacy issues and risks before they happen.

Previously known as privacy by design, this concept of data protection by design and by default is not a new one. Many organizations have implemented this approach as a matter of good practice, but the GDPR formalizes these requirements.

This chapter ...

Get GDPR For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial