Context: The GDPR introduces a requirement to have specific elements included in data processing contracts. When processing personal information there should be a controller processor contract in place – especially where there is a separate data controller and processor.
Month: June 2017
Context: The GDPR sets forth the need to implement technical measures to protect the personal information of individuals. In many cases the regulation does not specify which technical measures. However, in the case of data minimisation, this is identified as a principle; a principle that requires support by such measures.