Nymity Research has identified 39 articles under the GDPR that require evidence of a technical or organizational measure to demonstrate compliance and has mapped these to the Nymity Privacy Management Accountability Framework. The result is the identification of 55 “primary” technical and organizational measures that, if implemented, may produce documentation that will help demonstrate ongoing compliance with your GDPR compliance obligations. The document also identifies additional technical and organizational measures that, while not considered mandatory for demonstrating compliance with the GDPR, if implemented, may produce additional documentation to help demonstrate compliance.
Framework for Demonstrable GDPR Compliance
Related Stories
Frequently Asked Questions & Resources on ‘Schrems II’
The IAPP is publishing these frequently asked questions and links to relevant resources from government authorities and privacy practitioners as a resource for privacy professionals working to respond to this significant court decision....
Infographic – How to get started in privacy engineering
Privacy engineering is a rapidly growing field in our increasingly data driven world. This infographic offers advice on how to jump start a career in this dynamic profession. It offers tips for pursuing a cross-disciplinary education, searching for career opportunities beyond Big Tech, writing abo...
White Paper – The Skill Set Needed to Implement the NIST Privacy Framework
To offer insight into the professional skillset needed to implement the NIST Privacy Framework, the International Association of Privacy Professionals’ Westin Research Center mapped the Privacy Framework’s Core to the Body of Knowledge for a Certified Information Privacy Manager....
Infographic: CCPA Enforcement
The IAPP released a series of infographics as the California Consumer Privacy Act enforcement begins July 1. The infographics highlight the civil penalties companies can face under the CCPA, and based on a survey conducted in partnership with FairWarning, 50% of IT and privacy professionals have rep...
Privacy in the Wake of COVID-19: Remote Work, Employee Health Monitoring and Data Sharing
The IAPP and EY launched a research initiative to gain more insight into the unique ways privacy and data protection practices have been affected by the pandemic. The initial phase of the project included a survey of privacy professionals, taking a deeper look at how organizations, in general, and p...