Chapter VI of GDPR contains provisions regarding the “Supervisory Authority” that will monitor the implementation of GDPR. Each Member State will provide one or more Public Authorities to be responsible for monitoring the application of GDPR for which each state may enact appropriate laws.
A provision has been made to set up a European Data Protection Board (EDPB) which will be the apex monitoring authority for implementing the GDPR. The head of one supervisory authority from each State would be a member of the EDPB.
We may expect more guidelines, recommendations , best practices and clarifications from the Board from time to time on different aspects of GDPR such as “Erasure of Data”, “Profiling”, “Data Breach notification” etc.
While similar guidelines already exist under the banner of the Working Party 29 under the old directive, the roles that will be played by the earlier supervisory bodies such as the European Data Protection Supervisor and the Working Party under the new regulations will become clearer after some time.