General Data Protection Regulation

With the approval of the RGPD, the European data protection regulations are reformed, establishing new rules that replace the old regulatory framework of the European Union in the field of data protection.

For the lawyers specialized in data protection, this reform means a 180 degree turn when advising their clients for the correct fulfilment of the data protection regulations.

As of May 25, 2018, RD1720/2007 or the Regulation of development of the LOPD that defined the technical and organizational measures of security, is no longer applicable and therefore obligatory for companies, applying the criterion of Approximation to the Risk as far as the fulfilment of the organizational and Security obligations.

In addition, the principle of Accountability or proactive responsibility is implemented in the companies, so that data controllers and processors must implement measures that guarantee and allow demonstrating to comply with the RGPD through policies adapted to the needs of the organization.