WP29’s plenary meeting: final guidelines on DPIA and opening for comments on data breach notification and profiling

At its plenary meeting held in October 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the so called General Data Protection Regulation (GDPR).

WP29 approved the final version of the DPIA guidelines Guidelines on Data Protection Impact Assessment after having examined the comments received during the public consultation which ended on 23 May 2017. See here and here.

WP29 also adopted its guidelines on data breach notification under Regulation 2016/679, wp250 and on automated individual decision-making and profiling for the purposes of Regulation 2016/679, wp251, which will be open for public consultation for 6 weeks before their final adoption.

Finally, WP29 adopted guidelines on administrative fines dealing with the application and the setting of administrative fines. These guidelines will be published on the WP29 website soon.

The press release concerning WP29 plenary meeting held in October 2017 is available at http://ec.europa.eu…



For more information on how data protection is implemented in the EU, Francesca Giannoni and Federica Romanelli