Autoren
Axel Frhr. von dem Bussche

Dr. Axel Frhr. von dem Bussche, LL.M. (LSE)

Partner

Read More
Paul Voigt

Paul Voigt, Lic. en Derecho, CIPP/E

Partner

Read More
Autoren
Axel Frhr. von dem Bussche

Dr. Axel Frhr. von dem Bussche, LL.M. (LSE)

Partner

Read More
Paul Voigt

Paul Voigt, Lic. en Derecho, CIPP/E

Partner

Read More

19. August 2020

Data protection compliance – Global project steering

  • Quick Read

In order to keep efforts and costs down, global enterprises often implement "one size fits all" uniform solutions on a worldwide level (eg HR data systems, compliance policies, cyber security, use of centrally provided shared services etc). Due to different legal standards in various countries, such worldwide implementation often leads to frictions regarding local law and culture.

Depending on the specific project, a classification into the following phases may be helpful in rollouts relating to data protection.

Analysis Phase: Shaping the project

  • Collecting relevant facts and shaping the result desired by the client.
  • Allocating involved jurisdictions and local counsels (tailored legal network).
  • Legal analysis: How can the desired global implementation be justified with minimum local alterations (pragmatic business-oriented approach).
  • Shaping uniform paperwork for implementation (global template), including:
    • summary of facts and legal analysis for local counsels
    • questionnaire for local counsels
    • suggestion for a compliant master solution.

Rollout Phase: Collecting "add on" input from local counsels

  • Global rollout of "global template" to local counsels:
    • pragmatic approach – in order to keep costs down, local counsels may only suggest amendments to the global template where strictly required by local laws
    • fixed fee for work of local counsels, where appropriate
    • fixed deadline for work of local counsels, where appropriate.
  • Follow-up communication with local counsels (including follow-up communication) if the desired result was not achieved yet.
  • Summary of local implementation risks/local to-dos.
  • Step plan for implementation, including local to-dos.

Rollout Phase: Collecting "add on" input from local counsels

  • Internal and external steering of implementation requirements.
  • Implementation of local to-dos according to "implementation step plan":
    • local authority filings
    • preparation and conclusion of contracts
    • collection of consent declarations
    • draft of notices to employees and contract partners
    • "shaping" of the implementation according to local requirements/standard.

Please click here to download the article as PDF file.

Call To Action Arrow Image

Newsletter-Anmeldung

Wählen Sie aus unserem Angebot Ihre Interessen aus!

Jetzt abonnieren
Jetzt abonnieren

Related Insights

robot
Datenschutz & Cyber-Sicherheit

Data Protection Officer – FAQ

21. August 2020
IN-DEPTH ANALYSIS

von mehreren Autoren

Klicken Sie hier für Details