How to organise GDPR compliance on a group level in multiple jurisdictions ?
As we are approaching the first anniversary of GDPR coming into force, it is time to start assessing its relevance. Is it possible to assess how private and public operators comply with their new requirements? Which steps have these operators taken to adapt their processes and structure? What challenges did they face and what were the outcomes? Are the organisations that are responsible for controlling GDPR application and imposing sanctions actually able to check compliance? What conclusions can be drawn based on these assessments? Has GDPR enabled to improve data protection for users?