EU General Data Protection Regulation (GDPR) - Compliance checklist

Introductory note:
The General Data Protection Regulation (GDPR) is a regime of personal data protection requirements, adopted by the European Parliament, that regulates “personal data”. While the GDPR is EU law, it has unprecedented extra-territorial reach. If the GDPR applies to your organisation, you must ensure that your organisation complies with both the GDPR and the Australian Privacy Act 1988 (Cth) (the Privacy Act).

How to use this checklist:
This checklist will assist you to identify the key areas of risk and priorities for Australian organisations seeking to comply with the GDPR.

Links to related content:
For guidance on whether the GDPR applies to your organisation, see Overview — What is the GDPR and when does it apply to Australian organisations?