Determann’s Field Guide to International Data Privacy Law Compliance

Determann’s Field Guide to International Data Privacy Law Compliance

Lothar Determann

Companies, lawyers, privacy officers, developers, marketing and IT professionals face privacy issues more and more frequently. Much information is freely available, but it can be difficult to get a grasp on a problem quickly, without getting lost in details and advocacy. This is where Determann’s Field Guide to International Data Privacy Law Compliance comes into its own – helping to identify issues and provide concise practical guidance in an increasingly complex field shaped by rapid change in international laws, technology and society.

Chapter 1: Starting a Compliance Program

Lothar Determann

Subjects: law - academic, information and media law, internet and technology law, law -professional, technology, media and telecommunications law


When you set out to design and implement a data privacy compliance program, you face a number of threshold decisions and preparatory tasks, including the following: Putting a person or team in charge of data privacy law compliance Preparing a task list by identifying relevant facts, laws and requirements; defining priorities based on business objectives, enforcement risk exposure, and ease of compliance Executing the task list Working with internal stakeholders and outside advisors. 1.01 1.1 Taking charge 1.02 Someone needs to be in charge. If your business is a one-person sole proprietorship, then you are in charge. In larger organizations, however, there are typically a number of individual candidates or departments that could take charge of data privacy compliance, including lawyers, information technology staff, human resources and internal audit personnel. Each of these groups tends to have different approaches, strengths and limitations. Here are some factors to consider as you look for the right person or team: In-house attorneys in corporate legal departments usually take an advisory role and inform others in the organization what applicable laws require, including data privacy laws. Depending on company culture and individual styles, the legal department may advise proactively or upon request. Lawyers are trained to interpret and apply laws, including data privacy laws, but not all lawyers are technology-savvy or good project managers. Members of the information technology (IT) department are technology savvy, but may not find it easy to understand and apply laws. IT professionals are trained in deploying and maintaining equipment,...

You are not authenticated to view the full text of this chapter or article.

Elgaronline requires a subscription or purchase to access the full text of books or journals. Please login through your library system or with your personal username and password on the homepage.

Non-subscribers can freely search the site, view abstracts/ extracts and download selected front matter and introductory chapters for personal use.

Your library may not have purchased all subject areas. If you are authenticated and think you should have access to this title, please contact your librarian.

Further information