Compliance, E-Government and Health Expert Subgroup meeting
10 January 2019
Premises of the European Data Protection Board, Brussels
1. Welcome - adoption of the agenda Approval of the minutes
A tour de table was made. The minutes had been previously approved by written procedure. The
agenda was approved.
2. Art. 40 and 41 GDPR guidelines (adoption)
Rapporteur presented the minor changes introduced to the draft guidelines. A discussion between the
members ensued, focusing on:
3. Opinion on Standard Contractual Clauses (28(2) GDPR)
The EDPB SEC introduced the specific request made by one of the members in IMI.
Several members volunteered to be rapporteurs.
One of the members wondered whether consensus could be reached as a general document, relevant
for all SAs, which was supported by another member.
The coordinators concluded by indicating they would call for more rapporteurs to join the drafting
4. Opinion on Interplay between CTR and GDPR (adoption)
Presentation by the rapporteur of the draft guidance to be provided to the CTR Q&A following a
request from the COM.
The required changes were agreed upon. The rapporteur clarified the timeline for discussion and
approval of the guidance.
5. Next meetings and varia
SEC provided update on SAESG. Made reference to potential health and research consultation
from the Commission. Changes were introduced to the workplan following requests from
Regarding CoC Guidelines: comments to be sent to rapporteurs until the 16th and new version
for members on the 22nd January. Rapporteur will forward new version on Friday 11th.
Comments should be limited to points 55th and beyond. Written state of play to be prepared
Annex: Attendance List; DPAs:
BE, CZ, DE (Federal and Brandenburg), IE, EL, ES, FR, HR, IT, LU, HU, NL, AT, PL, RO, FI, SE, UK,
- EDPB Secretariat
- European Commission