Section 2 Key Concepts GDPR Compliance Beginners
CERTIFIED GDPR DATA PROTECTION COMPLIANCE
FROM THEORY TO PRACTICE FOR BEGINNERS
Professor drs mr Romeo Kadir MA MSc LLM (Adv.) LLM EMBA EMoC
EU RDPP REGISTERED
EVALUATION METHOD: Quiz
EXAMPLES
Compliance/Risk management department
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes
of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons,
the controller and the processor shall implement appropriate technical and organisational measures to ensure
a level of security appropriate to the risk, including inter alia as appropriate:
Source: https://www.enisa.europa.eu/publications/definition-of-cybersecurity
Action = Somebody in the organisation should check whether the processing is actually lawful
Actions should be SMART:
SPECIFIC
MEASURABLE
ACCEPTED
REALISTIC
TIME RESTRICTED
COURSE CODE | SP0-CDPC-CS1-20
TOPIC 2.2.2
EXAMPLES OF GDPR COMPLIANCE CONTROLS (which may change due to new regulations, policies and standards)
An outline (programme) of a set of GDPR compliance goals and processes by which an organisation or Data
Protection Officer (DPO) can accomplish compliance with obligations pursuant to the GDPR.
Through a GDPR Compliance Work Plan one can break down (structure) main processes into small, achievable
tasks and identify the (SMART) defined actions a data controller is supposed to implement.
Although it is also good practice for the DPO (or the organisation) to draw up a “work plan”
(recommendation of the EDPB, Guidelines DPO, Section 3.2, page 14), there are no specific requirements for this
(free format).
+ more advantages?
TOPICS OF THIS LESSON 2.4
IBM’s FRAMEWORK
SECTION 1: INTRODUCTION
SECTION 2: GDPR WORK PLAN
SECTION 3: PRINCIPLES OF PROCESSING
SECTION 4: DATA SUBJECT RIGHTS
ARCHITECTURE COMPLIANCE
INSTRUCTIONS