Skip to main content

General Data Protection Regulation

The way forward

One year after the entry into force of the GDPR, the data protection/privacy team of Deloitte discusses the practical implementation challenges that are evident now.

"Few have successfully managed to embed the DPIA as a standard component into their business."

In this article


The entry into force of the EU Data Protection Regulation (GDPR) was a landmark event in the history of personal data protection due to stricter requirements and new concepts embedded in the letter of the law, and the impact that GDPR has had outside of the EU jurisdictions. On the other hand, the positive repercussions of the GDPR are manifested through the development of industry “best practices” in the area.

Many of the examples discussed in the article stem from the experience that the market has gained “on the ground” since the adoption of the law.

The enclosed article discusses:

  • DPO appointment
  • Records of data processing activities
  • Data controllers vs. data processors and downstream
  • Operationalising GDPR
  • Data subject rights
  • Current market challenges
  • GDPR and what’s next

This article written by Georgia Skouma was initially published in Privacy Laws & Business International Report 159 of June 2019.

Did you find this useful?

Thanks for your feedback

If you would like to help improve further, please complete a 3-minute survey