ePrivacy Regulation - ePR, stays for REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), expected to be released in 2019 ... Be prepared! it is realy challenging for IT&C providers !
GDPR stays for REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). You may download the document here:
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL - English / Romanian
The GDPR Compliance is already a pressing subject as long as Romania, as part of EU, and all the organizations that own and / or process EU data subject of the data privacy (worldwide) have to comply with the General Data Protection Regulation (GDPR). GDPR is directly applicable in all member states and worldwide without the need for implementing national legislation.
Main Changes under GDPR:
-
records register of processing personal data
-
data security as processing principle
-
new rules on contracts with processors
-
data protection officer
-
data protection impact assessments
-
risk assessment
-
new information content
-
privacy by default and by design
-
changes in rules on consent
-
access rights, right to be forgotten and portability
-
biometrics / profiling / special records
-
data breach notification within 72 hours
-
prior consultation on sensitive operations
-
data management & information security
The consequence off all above mentioned is the clear need to adapt and to transform your organization’s way of doing business accordingly with the EU regulations and their new characteristics.
Our Services
Blue Lab Consulting helps organizations comply with GDPR through structured accountability based on implementing appropriate accountability mechanisms such as policies and procedures. Putting in place appropriate accountability mechanisms are the foundation for complying with the GDPR, as it enables organizations to demonstrate compliance at a project level and at an organizational level, both required by the GDPR
In accordance with our experience and expertise, during the implementation of the GDPR Compliance program within organizations, Blue Lab Consulting (partners / senior consultants, the associated lawyers, and operational team) offer support and assistance into the following phases to compliance:
- GAP > GAP Analysis & Diagnostic - Records of Processing Activities Data Inventory, Data protection impact assessment and Risk assessment are an Outcome of this phase;
- PLAN > Strategy & Transformation Planning;
- EXEC > Execution for Compliance Approach / Change Management - Implement, Maintain and Demonstrate;
- DPO > Data Protection Officer outsourcing services - ongoing compliance -'DPO's will be at the heart of GDPR legal framework for many organisations, facilitating compliance with the provisions of the GDPR.
- CERT > "GDPR compliant" certification - Third Party Reporting
Blue Lab Consulting is runing the GDPR Compliance Program, in order to enhance the most appropriate level of compliance related to GDPR, with at least the following components:
- legal advice
- organizational & processes transformation
- policies and procedures
- information security
- systems updates / upgrades, and
- overall package of internal & external documentation related to data privacy, from legal and compliance perspectives.
|