Aristi believes the GDPR is an important step forward for clarifying and enabling individual privacy rights.
The General Data Protection Regulation (GDPR) imposes new rules on organizations in the European Union (EU) and those that offer goods and services to people in the EU, or that collect and analyze data tied to EU residents, no matter where they are located.
Enhanced personal privacy rights
Increased duty for protecting data
Mandatory breach reporting
Significant penalties for non-compliance
What are the key changes to address the GDPR?
Individuals have the right to:
- Access their personal data
- Correct errors in their personal data
- Erase their personal data
- Object to processing of their personal data
- Export personal data
Controls & notifications
Organizations will need to:
- Protect personal data using appropriate security
- Notify authorities of personal data breaches
- Obtain appropriate consents for processing data
- Keep records detailing data processing
Organizations are required to:
- Provide clear notice of data collection
- Outline processing purposes and use cases
- Define data retention and deletion policies
IT and training
Organizations will need to:
- Train privacy personnel & employees
- Audit and update data policies
- Employ a Data Protection Officer (if required)
- Create & manage compliant vendor contracts
We can help you get GDPR-ready
The GDPR will transform how personal data is collected, shared and used globally, and has been described by experts as ambitious, complex and strict. All organizations will have changes to make in policy, processes and contracts, as well as in technical and organizational compliance measures. In some instances, those changes could be complex and significant.
OUR GDPR SERVICES
GDPR Gap Analysis
Get a detailed assessment showing your organization's current GDPR compliance posture, and a remediation plan to address the gaps and risks.
GDPR Data Flow Audit
Get an inventory of the personal data held and shared by your organization, and a data flow map of your processes.
Data protection impact assessment
Get an assessment of the data protection risks associated with your new process and a remediation plan to mitigate those risks.
GDPR transition services
A Data Protection Officer (DPO) assists internally on all matters relating to privacy and data protection as well as GDPR compliance. The DPO takes over privacy and data protection tasks and staff training, and can serve as an independent expert both internally and towards customers or the Data Protection Authorities. The DPO can take over all tasks required by the GDPR, and all roles can be adjusted towards specific needs. The role of a fully outsourced DPO includes the tasks described in Articles 37-39 of the EU’s General Data Protection Regulation.
DPO as a Service
- Takes over the role of the Data Protection Officer in an organization in line with GDPR requirements
- Serves as an independent expert inside an organization
- Deals with privacy and data protection issues and offers internal advice
- Trains staff on data protection matters and raises privacy awareness
- Helps with GDPR compliance & conducts all relevant communications with the Data Protection Authorities
- Aids or deals with customer communications on privacy and data protection matters
- Mitigates privacy risks & defines data request processes
- Conducts a required Privacy Impact Assessment
Aristi’s DPO as a Service has different levels from which a suitable option is chosen for the customer.