TY - BOOK AU - Quinn,Brendan TI - Data protection implementation guide: a legal, risk and technology framework for the GDPR SN - 9789403529011 AV - KJE6071 .Q85 2021 PY - 2021/// CY - Alphen aan den Rijn, The Netherlands : PB - Wolters Kluwer, Kluwer Law International, KW - European Parliament KW - General Data Protection Regulation KW - Data protection KW - Law and legislation KW - European Union countries KW - Privacy, Right of KW - fast KW - Electronic books N1 - Includes bibliographical references; Data Protection Projects : Building an Inventory -- Gap Analysis : Identifying the Enterprise's Gaps -- Legal Bases for Processing -- Article 30 Record Keeping -- Breaches, Incident Response, Security, and Controls -- Data Protection Impact Assessments -- Retention of Data and the Right to Erasure -- Data Protection by Design and Default -- Data Subject Rights -- Automated Decision-Making and Profiling Technologies -- Children's Data under the GDPR -- CCTV, Video, and IP Cameras -- Facial Recognition and Biometrics -- Third-Country Transfers Outside the EEA -- Data Protection of Employees in the Workplace -- Processing Employee Health Data -- Surveillance in the Workplace N2 - The complexities of implementing the General Data Protection Regulation (GDPR) continue to grow as it progresses through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities, and the courts. This eminently practical guide to implementing the GDPR - written in an original, problem-solving style by a highly experienced data protection expert with equal knowledge of both law and technology - provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks and then implementing these changes through processes at the operational level. With detailed attention to case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance proceeds systematically through such topics and issues as the following: required documentation, policies, and procedures; risk assessment tools and analysis frameworks; children's data; employee and health data; international transfers post-Schrems II; data subject rights including the right of access; data retention and erasure; tracking and surveillance; and effects of technologies such as artificial intelligence, biometrics, and machine learning. With its practical examples derived from the author's experience in building GDPR-compliant software, as well as its analysis of case law and enforcement priorities, this incomparable guide enables company data protection officers and compliance staff to advise on key issues with full awareness of the legal and reputational risks and how to mitigate them. It is also sure to be of immeasurable value to concerned regulators and policymakers at all government levels UR - http://public.eblib.com/choice/PublicFullRecord.aspx?p=6723156 UR - https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=3036000 ER -