STOP PRESS: GDPR published in OJEC

04/05/2016 22:29

The countdown begins today.


The EU General Data Protection Regulation (GDPR) is making its final journey today as it's published in the Official Journal of the European Union.


The full text of the published GDPR is accessible on this link.


Following the 24 months transition period, GDPR becomes law on 25 May 2018.


However, it should be carefully noted that several Data Protection Authorities (DPAs) and even the Court of Justice of the EU are already interpreting data protection and privacy laws in accordance with the GDPR.


Guidance issued by the DPAs and also the European Data Protection Board (EDPB) will be extremely important in terms of observance of the new standards of data protection and privacy across the EU.


Compliance with the GDPR is clearly a significant business continuity issue not just in 24 months time but for today.


As a result, the GDPR and risk it presents to business continuity is now on every Boardroom's agenda.

Getting this stuff wrong will attract a fine of up to 4% of annual worldwide turnover or €20m, so the consequences could be severe not just financially but also from a reputation perspective. 


In conclusion, the Data Controller needs to evaluate the specific risks to the Data Subject laid out in the GDPR and as a result the risk to the organisation for processing this personal data. 


If you’d like to learn more about the DPO Programme and how this can help ensure that your DPO is up to date with their knowledge in this rapidly evolving area, contact Gemma Jones, Business Development Manager, Henley Business School on +44 (0)7971 505247 or email