We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

How To Work With Your European Data Protection Authority

HL Chronicle of Data Protection

01 October 2013
At this week's IAPP Privacy Academy in Seattle, Washington, Harriet Pearson, Partner in the Hogan Lovells Privacy and Information Management Practice, hosted a breakout session entitled How to Work with Your European Data Protection Authority.  The Session featured Billy Hawkes, Data Protection Commissioner of Ireland, and focused on providing privacy practitioners with practical advice on how to approach a Data Protection Authority (DPA) and earn their trust. The session also addressed practical compliance questions for European markets, gave advice on making successful regulatory filings, and gave tips for handling complaints and other challenging situations.
How To Work With Your European Data Protection Authority

Hogan Lovells has published Working with your European Data Protection Authority, a quick-reference resource guide on how to build a productive relationship with your DPA and featuring contact information of all national European Data Protection Authorities and the European Data Protection Supervisor.

From the European DPA resource guide:

10 Steps to a Productive Relationship with your DPA 

  1. In the jurisdictions important to your organization, identify the DPAs and their key staff.
  2. Understand the DPA’s current priorities and prior statements and positions.
  3. Identify the filing and registration requirements in the DPA’s jurisdiction, and make sure your organization takes steps to comply.
  4. Document key features of your privacy program and be prepared to explain if and when requested by your DPA.
  5. Consider whether to ask for an introductory meeting with the DPA or staff.
  6. Don’t assume DPA knows your company, even if you work for a “brand” name -- educate them!
  7. Join and participate--if possible--in local group or association meetings with DPA or staff.
  8. Consider proactive approach – direct or through third party – to test DPA reaction to key projects.
  9. Handle data subject complaints promptly, before they escalate to DPA.
  10. Attend and network at key international conferences attended by DPAs

 

HL Chronicle of Data Protection

Future-Proofing Privacy: New and Stronger Rights

The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data...

06 June 2016
Loading data