eIDAS 2.0 Compliance Checklist
20 actionable steps across 4 domains. Track your progress and ensure your organisation is ready for the EU Digital Identity Wallet.
Compliance Checklist
Category 1 of 4
Legal & Regulatory
0 of 5 items completed
Map your regulatory obligations under eIDAS 2.0
Start by identifying every article and implementing act in the revised eIDAS Regulation that applies to your organisation. Mapping obligations early prevents last-minute surprises and gives legal teams time to interpret sector-specific nuances.
Identify if you qualify as a relying party requiring mandatory EUDIW acceptance
The regulation mandates that certain public-sector bodies and regulated private-sector organisations must accept the European Digital Identity Wallet. Determine whether your services fall within scope by reviewing the sectors listed in the Annex.
Review and update privacy policies for digital identity data processing
Accepting wallet-based credentials means processing new categories of personal data. Your privacy policies must clearly describe what data you receive, why you process it, and how long you retain it.
Assess GDPR alignment with eIDAS 2.0 data handling requirements
eIDAS 2.0 reinforces GDPR principles such as purpose limitation and data minimisation while introducing wallet-specific obligations around selective disclosure. Conduct a gap analysis between your current GDPR posture and the additional requirements.
Establish legal framework for accepting electronic attestations of attributes
Qualified and non-qualified electronic attestations carry different levels of legal assurance. Define internal policies for which attestations you will accept, under what conditions, and what liability frameworks apply.