TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Europe Data Protection Digest | Bavarian DPA releases GDPR implementation questionnaire Related reading: How GDPR is impacting the way privacy is done

rss_feed
iapp-privacycore
OneTrust_SmartPrivacy_banner_ads_300x250_20170818_
DPC17_WebBanner_300x250-COPY

The Bavarian Data Protection Authority released a questionnaire designed to assist companies assessing where they stand in terms of General Data Protection Regulation implementation, Hunton & Williams reports. The questionnaire was sent to 150 randomly selected Bavarian companies and asked questions about GDPR procedures and the responsibilities of the data protection officer, data processing activities and privacy by design, onboarding of external vendors and data processing agreements, transparency and privacy notices, accountability and data breach notifications. The DPA said it will conduct more investigations after the May 2018 implementation date, and the results of the questionnaire will be used to dictate how the investigations will proceed. Editor's Note: The IAPP has launched a new blog dedicated to the data protection officer. 
Full Story

1 Comment

If you want to comment on this post, you need to login.

  • comment Roger Edwards • May 30, 2017
    I have come across a number of companies who assume/expect passive enforcement of GDPR and measure somewhat unrealistically assess their compliance risk based on the perceived risk of a data breach. This example shows that if a helpful questionnaire can morph into an investigative tool, it significantly ups the ante in compliance concerns.  We shouldn't forget that identifying GDPR violations may be as easy as hiring a few clerks to scan Europe-facing websites to determine (first of all) if a DPO is appointed where required and then issuing a brief information request to the named DPO (the first question soliciting a brief summary of the DPO's experience and credentials).