Reviewing GDPR chapters and their summaries can help with understanding the scope of GDPR compliance. Join us for Part 3 of GDPR Chapter Summaries.
PART 3: Fines and Exceptions
In GDPR Summaries Part 2, we covered chapters 4-6, of the regulation while reviewing Articles 1-23. Organized and broken down into sections - including a complete checklist- part 3 discusses chapters 7-11 and covers Articles 60-99. The breakdown of those chapters and articles follows below
Chapter 7: Cooperation and Consistency
This chapter, covering Articles 60-76, discusses how supervisory authorities can remain consistent and cooperate with one another. It also defines the purpose of the European Data Protection Board and discusses its purpose.
Key takeawaysArticle 60: Cooperation between the lead supervisory authority and other supervisory authorities concerned.Article 63: Consistency Mechanism. This article is important as supervisory authorities are needed to cooperate with one another and the Commission.Article 66: Urgency procedures address cases of an urgent matter where a measure may need to be adopted to protect data subject rights.
Chapter 8: Rights and Fines
This chapter, covering Articles 77-84, reviews the rights of data subjects and how they proceed with complaints. It also covers penalties for processors and controllers.
Key takeawaysArticle 77: Right to lodge a complaint with a supervisory authority.Article 80: Representation of data subjects. Data subjects have the right to mandate proper representation in compliance with the regulation.Article 83: General Conditions for imposing administrative fines are listed within this article, and applicable infringement amounts are listed as well.Article 84: This article defines and discusses the penalties/fines in the event of a breach.
Chapter 9: Exceptions to the Rule
Chapter 9 covers Articles 85-90, and discuss the exceptions or provision to the rules.
Key takeawaysArticle 77: Right to lodge a complaint with a supervisory authority.Article 80: Representation of data subjects. Data subjects have the right to mandate proper representation in compliance with the regulation.Article 83: General Conditions for imposing administrative fines are listed within this article, and applicable infringement amounts are listed as well.Article 84: This article is very important as the penalties are concerning for many.
This chapter is important as the exceptions to the rules are covered, and it discusses the importance of member states creating their own rules.
Chapter 10: Delegated Acts
This chapter, covering Articles 92-93, discusses the Commission’s power to adopt delegated acts and the process in which that occurs.
Chapter 11: Final Provisions
This final chapter of the regulation, covering Articles 94-99, explains how the Commission must report on the regulation every 4 years. Additionally, it discusses the differences between the previous directives and the current regulation, as many are familiar with the old data processing laws.
Key takeawaysArticle 96: Relationship with previously concluded agreements. Agreements involving data transfers to third countries/organizations that were set up before May 24, 2016, stay in effect.Article 99: The regulation becomes effective on May 25, 2018.
This chapter also discusses the provision to review and the submission of legislative proposals for the protection of personal data.
As previously stated, the GDPR was not created to complicate procedures and processes for organizations, rather it was created to put controls in place to help protect private and personal data. To learn more about the GDPR and compliance for your organization, download the complete GDPR checklist today.
May 14, 2018