GDPR LIVE - SOLUTION FOR SUSTAINABLE COMPLIANCE WITH THE EU 2016/679 DATA PROTECTION REGULATION
We have divided the process of GDPR (General Data Protection Regulation) compliance into the following areas:
- TRAINING in the area of personal data protection – adequate training at the level of senior management and staff who have permanent, regular or irregular access to personal data.
- DIAGNOSTICS of the GDPR security status – input diagnostics of the current state of processing the controller's privacy via the GDPR Live portal. The output of the input diagnostics is supposed to be documents that will form the basis for analysis and assessment of GDPR compliance.
- ANALYSIS - distribution of the controller's identified personal data according to the key activities/competencies of organizational units, assignment of processing purposes and the relevant legal bases on which these personal data are processed, determining the extent of the impact of the processing of personal data on data subjects & determining the organizational roles for the processors of personal data.
- DPIA (Data Protection Impact Assessment), or PIA (Privacy Impact Assessment) - impact assessment on data protection – represents the analysis and assessment of the risks to the rights and freedoms of the data subject and the identification of security incidents in order to fulfil the requirement of the reporting duty of the Office for Personal
- REVISION of controller contracts - assessment of compliance with EU Regulation 2016/679 in the contracts.
- RECORD EVIDENCE of processing activities.
Information support solution:
- GDPR live – education and information portal
- InLook system® – information support of management system objectification
The output of the solution is as follows:
- identifying the impact of GDPR on business process management
- assessment of the organizational, personnel, technical and legal parts of the controller’s readiness to meet the GDPR requirements continuously
- GDPR compliance*
*GDPR compliance - permanent & professional follow-up activity continually improved, re-evaluated & modified by the data processor.
Through the GDPR compliance solution the personal data controller continually identifies:
- How many? operations & centers process personal data for the controller;
- Who? is responsible for handling of personal data;
- What? personal data is processed;
- Where? personal data is processed;
- Where / To Whom? personal data is transferred;
- How? personal data is secured.
SOLUTION OFFER FOR CONTINUOUS SUSTAINABILITY WITH GDPR COMPLIANCE