Guidelines for practical implementation of the GDPR issued by the Italian DPA

Garante-privacy 2

The Italian Data Protection Authority, Garante per la privacy issued Guidelines for the implementation of Regulation EU/2016/679 on Personal Data Protection (GDPR).

The DPA suggests some actions that can be carried out right away to comply with the GDPR and provides a general overview of the major innovations introduced by the legislation.

The guidelines are divided into 6 thematic sections:

  • Principles of lawfulness of the processing (Article 6, GDPR);
  • Information and access to personal data (Article 12 and 13, GDPR);
  • Data subject rights (Articles 15-22, 28, GDPR);
  • Controller, processor, data protection officer (Articles 26, 28, 29, 82, 30, and 37, GDPR);
  • Accountability principle, data protection by default and by design, impact assessment and prior consultation (Articles 23-25, 35-37, GDPR);
  • Transfer of personal data to a third country or international organizations (Articles 40, 43, 44-49, 65, GDPR).

Each section explains what are the changes and what will remain the same after the GDPR enters into force

The Guidelines are available (in Italian) at http://www.garanteprivacy.it…

For more information on privacy issues, contact Francesca Giannoni-Crystal.

Follow us on& Like us on