
Tag Archives for "compliance"

New Year resolution: “I will collect details of transfers from the European Union into the UK and vice-versa”

Mrs May, at the last Prime Minister’s Questions before the Xmas recess, said in response to a question from a Conservative MP: “We are very clear that we (the UK) will be leaving the EU on 29 March 2019 at 11 pm”. As Government policy is for the UK to become a Third Country on this date, what does this imply?

Source: New Year resolution: “I will collect details of transfers from the European Union into the UK and vice-versa”

GDPR, consent and data processing

Websites, mobile apps, IoT devices, smartphones and just about any other products, systems or processes will, in a majority of cases, soon need to redesign and re-engineer how user consent is processed. Why? Because of the European General Data Protection Regulation.

Source: How to: GDPR, consent and data processing

Luxembourg’s DPA launches GDPR compliance tool

The CNPD, with support from Digital Luxembourg and in conjunction with the Luxembourg Institute of Science and Technology (LIST), has developed a GDPR Compliance Support Tool. The purpose of this tool is to offer users an innovative, intuitive solution for ascertaining the level of maturity of their organisations with regard to data protection.

Source: Launch of compliance support tool for new general data protection scheme — National Commission for Data Protection // Luxembourg

If GDPR Compliance Doesn’t Start With Information Governance, You’ll Probably Fail

Most discussions regarding the EU’s impending General Data Protection Regulation (GDPR) — scheduled for implementation in May 2018 — focus squarely on consent management (i.e., making sure organizations have permission to use the data they are collecting and processing). This focus certainly makes sense. Consent management is critical to organizations’ abilities to continue doing business as usual in the face of the new regulation. However, as data collection and processing continue to soar — and there are no signs the consent requirement will slow data growth — organizations are increasingly challenged to secure the data they process, as required by Article 32 of the regulation.

Source: If GDPR Compliance Doesn’t Start With Information Governance, You’ll Probably Fail

CPO and CISO: The Evolving Roles of Privacy and Security Professionals

Two major roles within companies are increasingly coming under review for applicability within varying data protection requirements. The Chief Privacy Officer (CPO) and the Chief Information Security Officer (CISO) — or an employee with similar responsibilities — are responsible for what may be viewed as mutually exclusive responsibilities, but no longer. Their roles and responsibilities seem both to overlap and clash. Please note that “chief” does not necessarily denote C-level status. When it comes to compliance roles in general, “chief” often means the top person in the role, not a C-level designation.

Source: CPO and CISO: The Evolving Roles of Privacy and Security Professionals – ACCDocket.com

Companies mistakenly believe cloud service providers are responsible for compliance

Although organizations are adopting a multi-cloud approach, the research shows that when it comes to public clouds specifically, there are likely misconceptions around which party holds the ultimate responsibility for data management: the customer or the cloud provider.

Source: Veritas Study: Alarming Majority of Organizations (69%) Export Full Responsibility for Data Protection, Privacy and Compliance onto Cloud Service Providers
