A new European privacy law

The General Data Protection Regulation (GDPR) will come into effect on May 25th 2018.

→ How does the GDPR impact me?
→ What can you do?
→ What can experts do for you?

How does the GDPR impact me?

The most important guidelines:

Privacy by Design

Considering privacy from the start of the development process is essential to address privacy successfully.

Consent

In order to process personal data, permission must be given.

Right to Access

Everyone has the right to see what personal data an organization processes about him or her.

Data Portability

Data must be provided so customers can easily switch to another organization.

Rights of Interested Parties

Everyone has the right to have his or her personal data deleted.

Legal Scope

All organizations that process personal data of EU citizens are subject to the GDPR.

Fines

Fines can be up to €20 million or, for companies, up to 4% of worldwide annual sales.

Reporting Data Breaches

The authorities must be notified within 72 hours in case of data breaches.

Data Protection Officer (DPO)

A DPO must be appointed by government bodies and by organizations that process personal data on a large scale.

What can you do?

3 do-it-yourself steps to help you:

1. Preparation

• Perform a Privacy Impact Assessment (PIA) to detect privacy risks at an early stage.

• Map what data is being processed.

• Investigate whether you need to appoint a Data Protection Officer (DPO).

• Provide proper documentation of all actions taken.

2. Security

• See what measures are necessary for an appropriate level of security.

• Implement these measures as soon as possible.

• Verify that the correct level of security is achieved by performing security audits.

3. Reparation

• Limit the consequences: take the website temporarily offline.

• Analyze what went wrong.

• Report data breaches to the authorities in a timely manner.

• Collect evidence for any declaration of a cyber attack.

• Learn from the experience to prevent this from happening in the future.

What can experts do for you?

Security is difficult. These experts are ready for you:

British Standards Institution

BSI's outsourced Data Protection Officer services enable organizations to implement a successful Data Protection programme so the business can continue to focus on its core activities. In addition to maintaining compliance, these services also deliver security, productivity, risk management and cost-efficiency benefits.

Data Protection Officer, Privacy Impact Assessment


Privaon

Software assisted Privacy Impact Assessments and Independent DPO services for addressing advanced data protection issues and full GDPR compliance.

Data Protection Officer, Privacy Impact Assessment


TrustArc

TrustArc Privacy Risk Assessments entail a systematic evaluation of how personally identifiable information is collected, used, shared and maintained by an organization. The privacy risk assessment process provides development teams with the greatest opportunity to shape the evolution of products and services for successful business outcomes with as few privacy risks as possible.

Privacy Impact Assessment


Nixu

With Nixu's privacy services, you can ensure that personal information is handled according to laws and regulations, while minimizing information-related risks. Nixu can also help you to prepare a privacy policy as well as descriptions of file.

Data Protection Officer, Privacy Impact Assessment


ePrivacy

ePrivacy offers various seals for the certification of your products. As data protection experts, we apply all important technical and legal standards from the EU General Data Protection Regulation to the iab Europe OBA Framework. Show your compliance and strengthen the confidence of your customers, investors and business partners with a recognized privacy seal!

Data Protection Officer, Privacy Impact Assessment
