THE PRIVACYPERFECT BLOG

Checklist for DPOs starting at a new company

Jun 4, 2020 2:04:43 PM / by PrivacyPerfect posted in DPO, Data Protection Officer, Personal Data, GDPR Controller, gdpr2020, law firms, legal services

Starting at a new organisation as a Data Protection Officer is very exciting, but can also feel a little overwhelming: Where to start? What to do first? Who to talk to? How to get up to speed as fast as possible? To help ease the transition, we have created a checklist for the first couple of months that DPOs may find useful when starting out at their new company. 

8 GDPR compliance tips explained by Queen songs

May 19, 2020 12:39:25 PM / by PrivacyPerfect posted in GDPR Compliance, GDPR Explained, Personal Data, GDPR Processor, GDPR For Tech Companies, GDPR Summary, gdpr2020

Often the best way to tackle complicated matters is to make them fun. Because the show must go on. Therefore, here are 8 essential tips to become and stay compliant with the GDPR if you don’t want to be the next one biting the dust.

Healthcare institutions and GDPR compliance in a digital world

May 7, 2020 2:33:10 PM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Data Security, DPO, Data Protection Officer, GDPR Controller, gdpr2020, healthdata, healthcare

Digital transformation is and has been the focus of many organisations in the last couple of years, including those in the healthcare sector. This shift brings with it new, additional aspects for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is processed on a daily basis, protection of this data has to be a top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR within digitized care and cure organisations is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.

How can your organisation recover after a personal data breach?

Apr 30, 2020 1:00:00 PM / by PrivacyPerfect posted in EU, Data Breach, DPO, Data Protection Officer, Data Controlling, Reputation, gdpr, gdpr2020

Since the enforcement of the GDPR approximately two years ago, over 160,000 breaches have been reported from across the EU. In the Netherlands alone, almost 27,000 data breaches were reported in 2019 - a 29% increase compared to the year before. Personal data breaches happen due to both external threats and internal security incidents, and both are on the rise. Given these figures and the large amount of personal data collected by organisations, even if the necessary safeguards are in place, the odds of a data breach happening within your organisation are quite high. So, if a personal data breach does happen, how can you make sure that your organisation recovers from it quickly and well?

Debunking 5 common GDPR myths

Apr 23, 2020 9:00:00 AM / by PrivacyPerfect posted in Data Breach, Personal Data, Data Consent, Consent, gdpr, gdpr2020

Even two years after the enforcement of the GDPR, a lot of misconception and speculation still surrounds the EU privacy regulation. While most of us know one thing or another about the GDPR, only a few have extensive knowledge of it and of what it means exactly in practice. In this blog post, we take a look at five common myths of the GDPR and set the record straight.

Why internal data breaches happen and how to reduce the risk of one

Apr 9, 2020 9:46:32 AM / by PrivacyPerfect posted in EU, Data Protection, Data Breach, Data Security, Personal Data, gdpr2020

While the news media today is often reporting on security incidents and data breaches that happen due to external threats such as cyberattacks, internal data breaches can pose just as big of a risk for organisations. As it’s common practice that several internal stakeholders hold access to various personal data handled by their organisation, the risk of a potential internal incident is quite high. So, how can you reduce the risks? 

How to gain C-level support for your compliance efforts

Apr 2, 2020 9:00:00 AM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Controller, Reputation under GDPR, GDPR Reputation, gdpr2020, data minimisation

The role of the Data Protection Officer (DPO) is one that’s often met with mounting pressure and increasing challenges due to the complexity of regulations, a huge workload, and dependency on the support of other departments. The GDPR also emphasises the importance of the role the DPO has in major business decisions, since these need to be aligned with the regulation and the organisation’s data protection strategy in order to maintain compliance. With so much going on, getting the right tools, resources, and support from top levels is absolutely essential for this role. At the same time, DPOs are often faced with reluctance, and sometimes struggle to gain additional support from C-level management. In this blog post, we provide tangible advice on getting this support.

All you need to know about Data Processing Agreements

Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPA). Even the tools that are considered to be the basic necessities in business, such as email clients, CMS systems, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on their behalf. But what are Data Processing Agreements (DPAs), are they really necessary for you, what do they look like, and who needs to be involved from within your organisation? 

How to overcome the challenges of responding to DSARs

Mar 5, 2020 3:43:52 PM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Reputation, gdpr, Netherlands, gdpr2020, DSAR

Since the enforcement of the GDPR back in May 2018, organisations that process personal data within the EU & EEA are obligated to respond to a Data Subject Access Request (DSAR). DSARs are not new; however, the GDPR enforced a new set of rules for the process. For instance, organisations today are required to respond within 30 days upon receiving a request. The tight time-frame and the process itself often pose challenges for organisations when responding to DSARs.

How can organisations create the perfect privacy statement?

Feb 20, 2020 5:31:59 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Compliance, Data Security, Personal Data, GDPR Controller, gdpr2020

The GDPR highlights that data subjects need to be given the right to be informed about the gathering and the use of their personal data. Organisations are encouraged to fulfill this obligation through a privacy statement that informs individuals in a clear and easily understandable manner on how their personal data is gathered and processed by the organisation. At the same time, organisations often find it challenging to create the perfect privacy statement, as narrowing down a huge variety of complex legal information is not a task for the faint-hearted. Furthermore, with the enforcement of the GDPR, previous privacy statements also had to be readjusted. So, what do organisations need to keep in mind for creating the perfect privacy statement, and what benefits does having one hold, besides compliance?
