THE PRIVACYPERFECT BLOG

Checklist for DPOs starting at a new company

Jun 4, 2020 2:04:43 PM / by PrivacyPerfect posted in DPO, Data Protection Officer, Personal Data, GDPR Controller, gdpr2020, law firms, legal services

Starting at a new organisation as a Data Protection Officer is very exciting, but can also feel a little overwhelming: Where to start? What to do first? Who to talk to? How to get up to speed as fast as possible? To help ease the transition, we have created a checklist for the first couple of months that DPOs may find useful when starting out at their new company. 


Healthcare institutions and GDPR compliance in a digital world

May 7, 2020 2:33:10 PM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Data Security, DPO, Data Protection Officer, GDPR Controller, gdpr2020, healthdata, healthcare

Digital transformation has been the focus of many organisations over the last couple of years, including those in the healthcare sector. This shift brings new considerations for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is processed on a daily basis, protection of this data has to be a top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR within digitised care and cure organisations is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.


How to gain C-level support for your compliance efforts

Apr 2, 2020 9:00:00 AM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Controller, Reputation under GDPR, GDPR Reputation, gdpr2020, data minimisation

The role of the Data Protection Officer (DPO) is one that’s often met with mounting pressure and increasing challenges due to the complexity of regulations, a huge workload, and dependence on support from other departments. The GDPR also emphasises the importance of the role the DPO has in major business decisions, since these need to be aligned with the regulation and the organisation’s data protection strategy in order to maintain compliance. With so much going on, getting the right tools, resources, and support from the top level is absolutely essential for this role. At the same time, DPOs are often faced with reluctance, and sometimes struggle to gain additional support from C-level management. In this blog post, we provide tangible advice on getting this support.


All you need to know about Data Processing Agreements

Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPAs). Even the tools that are considered to be the basic necessities in business, such as email clients, CMS systems, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on its behalf. But what are DPAs, are they really necessary for you, what do they look like, and who needs to be involved from within your organisation?


How can organisations create the perfect privacy statement?

Feb 20, 2020 5:31:59 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Compliance, Data Security, Personal Data, GDPR Controller, gdpr2020

The GDPR highlights that data subjects need to be given the right to be informed about the gathering and the use of their personal data. Organisations are encouraged to fulfil this obligation through a privacy statement that informs individuals, in a clear and easily understandable manner, how their personal data is gathered and processed by the organisation. At the same time, organisations often find it challenging to create the perfect privacy statement, as narrowing down a huge variety of complex legal information is not a task for the faint-hearted. Furthermore, with the enforcement of the GDPR, previous privacy statements also had to be readjusted. So, what do organisations need to keep in mind when creating the perfect privacy statement, and what benefits does having one bring, besides compliance?


What are Some Key Differences Between Consent & Legitimate Interest?

Jan 9, 2020 2:11:47 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Processing, Data Protection Officer, GDPR Controller, GDPR Processor, Data Controlling, GDPR Reputation, Data Consent, Consent, Marketing under GDPR, GDPR for Marketers, gdpr, DPIA

Legitimate interest and consent are two of the six lawful bases that data processors can choose from when gathering and processing data subjects’ personal data. These two lawful bases are the ones most commonly used by organisations as the reasoning for their data gathering. But what are some of the key differences between the two?


The future of data processing in driverless cars: the shift from connected to autonomous

Jun 26, 2019 11:00:00 AM / by PrivacyPerfect posted in USA, EU, Processing, GDPR Controller, GDPR Processor, Data Controlling, Connected Automobiles

The shift from ‘connected cars’ (cars communicating with their manufacturers, traffic lights, surrounding vehicles etc.) to ‘self-driving’, ‘driverless’ or ‘autonomous cars’ will pose new challenges for GDPR compliance. Business models and use cases of such cars will change, as will controllership, processors, purposes, and types of data being processed. In this article, we will discuss the repercussions of this paradigm shift and the challenges it brings for GDPR compliance.

