The Launch of the Third Coordinated Enforcement Framework Action

Written by

Achieved Compliance

On February 28, 2024, the European Data Protection Board (“EDPB”) announced the launch of its third Coordinated Enforcement Framework action. The focus of this initiative is on organizations' compliance with requirements to honor data subjects' right to access their data. In 2024, 31 data protection authorities across the European Economic Area, including seven German state-level authorities, will participate in the action. In identifying the right of access for its third coordinated enforcement action, the EDPB characterized it as “at the heart of data protection,” one that individuals often exercise. It also noted that individuals’ inability to obtain access is often the basis of complaints to authorities.

Authorities participating in the Coordinated Enforcement Framework will, in some cases, assess compliance with the right of access by gathering data to understand the extent to which companies meet their obligations to provide access. The information gathered will also help them understand whether a formal investigation should be initiated or follow-up is needed in ongoing investigations.

Authorities will review and analyze the results. Then, they will determine the necessity of further supervision and enforcement actions. At the conclusion of the Coordinated Enforcement Framework action, the EDPB will report the results and the insights derived from them.

How can Achieved Compliance help to apply these new regulatory requirements to company policy?

Below are three key takeaways from the EDPB and insights on how they’ll shape market demand across the compliance landscape:

1) Compliance with the GDPR is important for all companies. This sweep will not be limited to large technology companies or well-recognized large organizations.

2) The European authorities take compliance seriously and will investigate specific aspects of compliance across the marketplace.

3) This argues for the importance of competent, knowledgeable GDPR Article 27 representation.

Link to:

Drive Growth using the power of compliance as a catalyst for client trust. By aligning your policies with regulatory standards, you’re not just meeting legal obligations. You’re building a reputation for reliability and integrity that sets you apart from the competition. Please schedule a free consultation with Achieved if you have any questions.