Health Check GDPR

Post on 06-Oct-2020

Page 1: GDPR - Health Check · (GDPR) has changed the European privacy landscape considerably. Are you ready for these changes and how do you continue to approach this privacy law? We will

Health Check

The Problem

Are you ready for the changes brought about by the General Data Protection Regulation (GDPR)? Have a look at this extract summary of a GDPR checklist:

How to operationalize this privacy law?

Where do you stand and what comes next?

Topic Yes/No

We are ready to manage data access rights

We comply with personal data breach notification obligations

We keep an inventory of all processing of personal data

We ensure and document data protection by design and by default

We have the appropriate mechanisms in place to legitimize international data transfers

We comply with GDPR in our role of processor or controller and are able to prove it

We have a process in place to delete personal data in accordance with the right to be forgotten

We perform Data Protection Impact Assessments (DPIA) as required

We take proper security measures including pseudonymization and encryption of personal data

We can demonstrate compliance with GDPR

Not sure what to answer? Yes, no, maybe? Have a look at the GDPR Health Check solution to point you in the right direction.

Our solution

The General Data Protection Regulation (GDPR) has changed the European privacy landscape considerably. Are you ready for these changes and how do you continue to approach this privacy law?

We will help you to get the most from these changes on your journey towards ensuring compliance within your organization in relation to GDPR. Take advantage of our GDPR Health Check solution.

GDPR Health Check

Review the register of processing activities to ensure its exhaustiveness and potentially identify existing gaps in terms of the regulation.

Our team will assess the GDPR compliance project plan, which may include interviews and inspection of existing documentation. We will then propose pragmatic improvements (prioritization, etc.).

We will review the target operating model and provide you with our findings and suggestions. Finally, we will answer any related questions you may have and define the next steps.

The GDPR Health Check is a simple and powerful solution on your organization's journey to becoming compliant with the GDPR. A GDPR Health Check can be instrumental in (1) finding the areas with the biggest risk, (2) measuring how mature the organization currently is in relation to GDPR and (3) focusing on the areas that most urgently need action to become GDPR compliant.

Below is an illustration of our three-step approach to reviewing the status of your GDPR implementation:

01 REVIEW OF THE REGISTER OF PROCESSING ACTIVITIES

MAIN ACTIVITIES

• Conduct kick off session with project governance & main stakeholders

• Conduct review session(s) with register owners

• Assess the register of processing activities in comparison with: - Similar registers - Expectations from the business - Consistency

WORKING DOCUMENTS & DELIVERABLES

• Meeting notes

• Assessment of the register section of the final report

• Comments and review in the register

02 REVIEW OF GDPR COMPLIANCE PROJECT PLAN

MAIN ACTIVITIES

• Conduct review session(s) with the GDPR project manager and the relevant stakeholders

• Analyse and review project plan in terms of: - Advancement - Priorities - Feasibility

WORKING DOCUMENTS & DELIVERABLES

• Meeting notes

• Review of the project plan section of the final report

03 REVIEW OF TARGET OPERATING MODEL

MAIN ACTIVITIES

• Conduct review session(s) with relevant stakeholders

• Review of the GDPR governance structure

• Review of processes documentation

• Review of target architecture supporting GDPR

WORKING DOCUMENTS & DELIVERABLES

• Meeting notes

• Review of the target operating model section of the final report

Contacts

Roland Bastin
Partner - Governance, Risk & Compliance
+352 451 452 [email protected]

Jean-Pierre Maissin
Partner - Technology & Enterprise Application
+352 451 452 [email protected]

Irina Hedea
Partner - Governance, Risk & Compliance
+352 451 452 [email protected]

Georges Wantz
Managing Director - Technology & Enterprise Application
+352 451 454 [email protected]

Loïc Saint-Ghislain
Director - Technology & Enterprise Application
+352 451 452 [email protected]

Deloitte is a multidisciplinary service organization that is subject to certain regulatory and professional restrictions on the types of services we can provide to our clients, particularly where an audit relationship exists, as independence issues and other conflicts of interest may arise. Any services we commit to deliver to you will comply fully with applicable restrictions.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited ("DTTL"), its global network of member firms and their related entities. DTTL (also referred to as "Deloitte Global") and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.

Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our network of member firms in more than 150 countries and territories serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 264,000 people make an impact that matters at www.deloitte.com.

This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this communication.

© 2020 Deloitte Tax & Consulting Designed and produced by MarCom at Deloitte Luxembourg.

Deloitte Luxembourg
20 Boulevard de Kockelscheuer
L-1821 Luxembourg
Grand Duchy of Luxembourg

Tel.: +352 451 451
www.deloitte.lu