IMI HELPS ENFORCE GDPR

Since the 25^th of May 2018, the Internal Market Information System (IMI) has been the IT platform that ensures the proper implementation of the General Data Protection Regulation (GDPR).

Under the GDPR, the supervisory authorities (SA) of the Member States can closely cooperate to ensure consistent protection of individuals’ data protection rights throughout the European Union.

Now, more than ever, assisting each other and coordinating decision-making in cross-border data protection cases is of paramount importance. In addition, the European Data Protection Board will issue opinions and take binding decisions towards national data protection authorities to arbitrate different positions on cross border cases.

Such a high degree of administrative cooperation across Europe will now go through IMI.

Data protection has always been one of the main concerns of IMI: the “Privacy by design” principle, in fact, has been applied to IMI from the start, since 2008.
This year, apart from celebrating the 10th anniversary of IMI, we are therefore also celebrating the successful launch of the data protection modules in the IMI system.

With IMI, supervisory authorities will be able to:

• identify the Lead Supervisory Authority for a cross-border case
• cooperate for the resolution of cross-border cases
• request and provide assistance to other Member State's SAs
• arrange joint operations involving multiple Member State's SAs
• consult the European Data Protection Board to obtain an opinion or a binding decision
• … and much more!

IMI and GDPR: facts and figures

• GDPR is the 13^th legal area supported by IMI.
• To address the needs of data protection authorities, the IMI team created 14 IMI modules, 19 forms and more than 10,000 new data fields.
• On the 25^th May, the first case was initiated in IMI, and shortly afterwards the supervisory authorities started to cooperate via the system.
• Currently, more than 60 cross-border cases are under investigation.