Chapter 4 of the Data Protection Regulation deals with e.g. the general duties and responsibilities of controllers and processors, the provisions relating to the security of the processing of personal data, the data protection impact assessment and the appointment and tasks of the Data Protection Officer.