Scribd Logo
Upload

Welcome to Scribd!

  • Compliant Processing of Personal Data, Incl Privacy & Security

    Uploaded by

    Ingrid de Bel
    3 views2 pages
    1. The document outlines a "Core Process 1" for assessing GDPR compliance. It involves assessing the legality of data processing, determining if a DPIA is needed, conducting the DPIA, evaluating the legality of data sharing, and approving the process with the data protection officer. 2. The process includes determining if personal information is processed, analyzing compliance with GDPR, conducting a pre-DPIA assessment, performing a DPIA if needed, evaluating risks, and consulting with regulators if risks remain. 3. Lastly, the final steps are mitigating any risks, seeking approvals from managers, and updating records and registers over time like the Article 30 register.

    Original Description:

    Proces

    Original Title

    Compliant processing of personal data, incl privacy & security

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document outlines a "Core Process 1" for assessing GDPR compliance. It involves assessing the legality of data processing, determining if a DPIA is needed, conducting the DPIA, evaluating the legality of data sharing, and approving the process with the data protection officer. 2. The process includes determining if personal information is processed, analyzing compliance with GDPR, conducting a pre-DPIA assessment, performing a DPIA if needed, evaluating risks, and consulting with regulators if risks remain. 3. Lastly, the final steps are mitigating any risks, seeking approvals from managers, and updating records and registers over time like the Article 30 register.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    3 views2 pages

    Compliant Processing of Personal Data, Incl Privacy & Security

    Uploaded by

    Ingrid de Bel
    1. The document outlines a "Core Process 1" for assessing GDPR compliance. It involves assessing the legality of data processing, determining if a DPIA is needed, conducting the DPIA, evaluating the legality of data sharing, and approving the process with the data protection officer. 2. The process includes determining if personal information is processed, analyzing compliance with GDPR, conducting a pre-DPIA assessment, performing a DPIA if needed, evaluating risks, and consulting with regulators if risks remain. 3. Lastly, the final steps are mitigating any risks, seeking approvals from managers, and updating records and registers over time like the Article 30 register.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 2

    Gegevensbescherming (AVG)„Core 

    Process 1“
    3.
    Beoordeling/
    Toets GDPR
    Principes
    1. (incl. 9.
    Beoordeling rechtmatighe Updaten/Aanpass
    Samenwerkin id en Registers (o.a.
    g/Opdrachtevr toestemming 5. Voer 7. Indien Rest Art. 30 Register).
    lening 3e / Legitiem DPIA uit risico’s consulteer
    Party Belang) indien nodig. de FG/AP

    2. Beoordelen 4. Informatie 6. Evalueren 8. Goedkeuring


    van de verzamelen en rechtmatigheid FG/ Proces- of
    rechtmatigheid beoordelen of doorgifte project eigenaar.
    van de DPIA nodig is persoonsgegevens/
    verwerking van (Pre-DPIA) Voer een T.I.A. uit,
    persoonsgegeve indien nodig.
    ns

    Page 1
    Plan Do Check Act

    Approval
    Is PII GDPR Risk BPO/Proce
    TOM's/Notification
    processed Compliance Pre-DPIA DPIA SA
    Mitigation ss Owner &
    ? analysis DPO
    Plan
     

    Approval
    Review/
    Information

    Data CISO/Proce
    IT Risk Risk Mitigation Monitor 3rd
    General

    IT System Mapping/Cl ss Owner


    Assessment (TOM's)
    (Ja of nee)
    ssification party/ TOM's
     

    Review/
    Monitor
    DPA/SCC's 3rd
    party/
    TOM's
    3rd party
    vendor/s Vendor Risk Processing in Approval
    Vendor is DPO/
    upplier? Assessment "3rd country"?
    "processor"? Process
    processed?
    Owner

    Vendor TOM's
    Review T.I.A.

    You might also like