One year from now, compliance with the provisions of the EU General Data Protection Regulation (GDPR) will be mandatory in all Member States. Ensuring data protection compliance remains a leadership task, and failure to meet the requirements of the GDPR will be expensive. This applies to companies of all sizes.
The new European data protection law entails significant changes for all companies handling personal data. In particular, the requirements to transparency and verifiability of legally compliant data processing have increased, posing challenges for many companies.
To provide companies in Bavaria with a sense of how the Bavarian State Office of Data Protection Supervision intends to design its audit work as of May 2018 relating to implementing the GDPR, some 150 randomly selected companies received a questionnaire on implementation of the GDPR. The companies can use this test questionnaire as a basis for their own reviews and see to what extent they are already prepared for the new European data protection law.
The questionnaire on implementation of the GDPR and the corresponding cover letter to the companies is available on website of the Bavarian State Office of Data Protection Supervision at the following link: https://www.lda.bayern.de/media/dsgvo_fragebogen.pdf
Tip for practice:
Effective May 25, 2018, data processors must comply with the GDPR. Failure to do so may result in fines and claims for damages. The questionnaire of the Bavarian State Office of Data Protection Supervision shows the requirements for data protection that companies in the non-public sector will have to meet according to the supervisory authorities in the future. Companies must be prepared for this upcoming change and start a project to implement the GDPR.
SKW Schwarz Rechtsanwälte has set up a task force and is already advising numerous clients ranging from classic German mid-sized companies to large multinationals on implementation projects relating to the GDPR. We are providing a team of data protection specialists with vast experience in project work and use a joint pool of checklists and best practice documents, which we can adapt to our clients’ individual needs.