Why this blog
Article 40.1 of the GDPR states that Codes of Conduct should be encouraged. The first ‘evaluation’ of the GDPR by the European Commission and the recent evaluation of the Dutch GDPR implementing Act underscore the importance of a Code of Conduct not only to strengthen the position data subjects but also to give all stakeholders more clarity about the specific meaning of the terms of the GDPR and national implementing Acts for the sector covered by the Code of Conduct. However, four years after the GDPR became fully applicable, there are hardly any such Codes of Conduct. Not on the European level and not on the national level. The promise of Codes of Conduct remains unfulfilled. In this blog I argue that the main reason behind this is that according to the EDPB Guidelines on Codes of Conduct and Monitoring Bodies an accredited external and independent monitoring body (hereinafter: EIMB) of the Code of Conduct must be appointed and that this requirement does not follow from the GDPR.
Read more: download the PDF
Evert-Ben van Veen
 Zoals met name geregeld in de Zorgverzekeringswet, de Wet marktordening in de zorg en de Wet op het CBS.