Professional Documents
Culture Documents
Compliant Processing of Personal Data, Incl Privacy & Security
Compliant Processing of Personal Data, Incl Privacy & Security
Process 1“
3.
Beoordeling/
Toets GDPR
Principes
1. (incl. 9.
Beoordeling rechtmatighe Updaten/Aanpass
Samenwerkin id en Registers (o.a.
g/Opdrachtevr toestemming 5. Voer 7. Indien Rest Art. 30 Register).
lening 3e / Legitiem DPIA uit risico’s consulteer
Party Belang) indien nodig. de FG/AP
Page 1
Plan Do Check Act
Approval
Is PII GDPR Risk BPO/Proce
TOM's/Notification
processed Compliance Pre-DPIA DPIA SA
Mitigation ss Owner &
? analysis DPO
Plan
Approval
Review/
Information
Data CISO/Proce
IT Risk Risk Mitigation Monitor 3rd
General
Review/
Monitor
DPA/SCC's 3rd
party/
TOM's
3rd party
vendor/s Vendor Risk Processing in Approval
Vendor is DPO/
upplier? Assessment "3rd country"?
"processor"? Process
processed?
Owner
Vendor TOM's
Review T.I.A.