Soon the GDPR (Global data privacy regulation) will come into force, but what is expected of you? As you probably know, Europe expects everyone to protect the privacy data of all Europeans. This regulation, which was drawn up primarily with the subject of the data in mind, expects data processors to do "everything" to guarantee this privacy. The technological aspects, the retention periods and the retrievability of this data become much stricter with this legislation. It is no longer enough to have the right intention; certain requirements are also imposed on the processing and storage of this data.
The legislation is already in force, but pronouncements and clarifications will only be made after May 2018, when the first case studies are known. Therefore, it is important to already have a solid basis and a plan of what you are going to do, so that in case of an investigation by the data protection authority (new privacy commission), you can demonstrate that you have done and are doing the necessary.
I am a DPO certified by the Data Protection Institute, with years of experience in IT. This allows me to help you in a pragmatic way to propose the right measures and possibly set them up so that with the least effort and cost, you can achieve your chosen level of risk. Finally, your business operations remain your most important activity, not dealing with new data protection regulations.
I will therefore help you to draw up a register, to map the various risks of data breaches, to work out a way of retrieving all personal data in the many files and other data sources you have. Together, we can assess any risks and work out remedies. Such that if there is a complaint or a question from a person or the privacy commission, you can meet the legal requirements with limited effort and costs. If you already have a data controller, I would be happy to work with them.
I can also assist you with any questions from the data protection authority, or even be the contact point for the data protection authority. A contract can be drawn up in such a way that the necessary deadlines set out in the regulation can be guaranteed.