Preparing for GDPR Compliance: We Get by with a Little Help from Our (Law Firm) Friends
In just less than a year, on May 25, 2018, the European Union General Data Protection Regulation—“GDPR”—goes into effect. The law will have wide-ranging impact, governing not only organizations that are established in the EU, but any entity, regardless of its location, that processes the personal data or monitors the behavior of EU citizens.
Ideally, organizations subject to the GDPR should already have launched plans to come into compliance by May of 2018. But it’s not too late to start. And there’s no shortage of published resources available to help companies plan and execute their GDPR compliance strategy. So, rather than add to the already-overwhelming library, I thought I would instead call out some of the best resources I’ve discovered as I’ve been working within DiscoverReady and with our clients on GDPR compliance issues. Not surprisingly, most of the best quality guidance comes from law firms, who have quickly come up to speed as subject matter experts on this significant new law. Here, in no particular order, are some of the readily available—and free—law firm resources:
- White & Case, “Unlocking the EU General Data Protection Regulation: A Practical Handbook on the EU’s New Data Protection Law” (An online guide, organized into 20 chapters, with each chapter addressing a particular aspect of the GDPR)
- Cleary Gottlieb, “The General Data Protection Regulation: Key Changes and Implications” (Helpful summary and analysis of the GDPR, with highlighted practical tips)
- Bird & Bird, “Guide to the General Data Protection Regulation” (A comprehensive summary and analysis with useful wayfinding tools and checklists)
- Hogan Lovells, “GDPRnow” mobile app (Mobile app that enables the user to input inforamtion about their organization, and then generates a customized GDPR plan) (“There’s an app for that!”)
- Proskauer, “GDPR Compliance Update: Which Government Authorities Have Issued Official GDPR Guidance?” (Current update on guidance offered by various EU regulators)
- DLA Piper, “EU General Data Protection Regulation” (A website devoted to GDPR guidance, including analysis of the statutue and practical tips)
- Wilmer Hale, “Webinar: GDPR—One Year Out” (Webinar presentation providing an overview of the GDPR and updates on current developments)
Thanks to all the lawyers and other law firm professionals who contributed their expertise, hard work, and intellectual talents to these resources. And if there are other good quality offerings out there that I’ve missed, please let me know, and I will update this list to include them.