Events - (Paper) Data Protection Certification For GDPR A 15-10-19
Reg. 679/2017
Reg. 765/2008 (GDPR)
ISO 17020 ISO 17021 ISO 17024 ISO 17025 ISO 17065
INSPECTION MANAGEMENT STAFF TRAINING
riproduzionevietata©RiccardoGiannetti2019
Accreditation: EN-ISO/IEC 17065, Additional Requirements (Guideline 4/2018, Annex 1)
Why ISO 17065:2012?
It does not establish requirements for schemes
SPECIFIC CERTIFICATION
• ISO 17021-1
• Ensures the company’s ability to structure itself and manage resources and internal processes in order to meet the customers’ needs
• Can be used as best practice
Non-specific certifications and guidelines under GDPR
[Diagram: GDPR shown together with ISO 27701, ISO 27001, ISO 27018, ISO 29151, ISO 31000, ISO 19011, ISO 29134, ISO 17021-1, ISO 29100, ISO 22301, ISO 9001, ISO 25024, ISO 28590]
ISO 17065 vs ISO 17021
Art. 1 (1): This Regulation lays down the rules relating to the protection of natural persons with regard to the processing of personal data and to the free movement of personal data.
§ 1: This standard is applicable to all types of organisations. This International Standard specifies the requirements to establish, implement…and improve a documented ISMS within a context of risks relating to the overall business of the organization.

Art. 4 (1): ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’)…
§ 3.1: “Good”: Anything of value to the organization

Art. 24 (1): …the controller shall implement appropriate technical and organizational measures to ensure and be able to demonstrate that the processing is performed in accordance with this Regulation
A.18.1.4: Privacy and protection of personally identifiable information: Privacy and protection of personal data identifiable information shall be ensured by relevant legislation and regulation.
SPECIFIC CERTIFICATION:
• ISO 17065
• Is a form of «direct insurance» where the direct correspondence of a product or a service with the applicable requirements is verified
• Transduction of the GDPR provisions (articles and recitals)
• Non pre-constituted schemes
Specific certification for GDPR
Data protection certification mechanism
Specific Non specific
GDPR Out GDPR
ISO/IEC 17065 ISO/IEC 17021-1
ISDP©10003
In scope
©Europrise
BS 10012
Art. 42
ISO 27001
ISO 27018
Out of scope ISO 22301
ISO 27701
ISO 9001
ISO 20000
GOODPRIVACY
Out of scope
BV GDPR CERTIFICATION
Out of GDPR JIPDEC
DPMS 44001
DPCO
• ISO 29134
• ISO 29151
• ISO 25024
• ISO 28590
What does it mean according to the GDPR?
• Art. 43.1: CABs accreditation; EN-ISO/IEC 17065; Guideline 4/2018, Annex 1
• Art. 42.5: Certification; certification scheme written according to EN-ISO/IEC 17065; Guideline 1/2018, Annex 2
Certification mechanism at October 15
ISDP©10003
EuroPrise
BS 10012
According
ISO 27701 Art. 42.5
ISO 27001
ISO 9001
Goodprivacy
JipDec
BV GDPR certification
THANK
YOU
Riccardo Giannetti
President Osservatorio 679
Scheme manager Inveo srl
r.giannetti@osservatorio679.org