Tag: GDPR

Maximizing the Value of Your Privacy Impact Assessment

Telling your privacy story through a PIA

As privacy regulations have proliferated, companies have been scrambling to address the many new compliance requirements. One component that can prove challenging to implement is the Privacy Impact Assessment. 

Note: you can see our earlier whitepaper here.

While the Privacy Impact Assessment may initially be considered a compliance exercise, when properly […]

ISO 27701 Privacy Framework Could be the GDPR Certification We’ve Been Waiting For

Faced with regulatory penalties, an avalanche of due diligence questionnaires, and stringent contractual clauses, companies of all sizes have been impacted by GDPR. To date, most companies have tackled GDPR with sheer effort, investing billions of dollars toward compliance with little or no assurance their efforts have paid off. As a result, business leaders are left wondering “Are we compliant?” […]

Cloud Companies Can Conquer GDPR with ISO 27018 Certification

Almost a year into a post-GDPR world, the question for many cloud service providers is still, “How do I evidence GDPR compliance?” With no meaningful certification in sight, the time is now for cloud service providers to be proactive in showing how they protect customer data in accordance with GDPR.

March 25th, 2019 | ISO 27001 Compliance, Privacy Compliance

New Guidance Clarifies GDPR’s Data Protection Impact Assessment (DPIA) Requirements

The Data Protection Impact Assessment (DPIA) is a significant new burden on data controllers under GDPR. As many have noted, GDPR does not clearly outline when a DPIA is required, instead referring to processing “likely to result in a high risk to the rights and freedoms of natural persons.”

Article 35(4) charges supervisory authorities with developing a list of processing operations […]