One of the requirements of the EU General Data Protection Regulation (GDPR) is that controllers of personal data have written contracts with each of their processors, meaning the people and entities processing personal data on the controller's behalf.
The GDPR also sets out a list of requirements of what must be covered in a contract with a processor.
Download our checklist to see whether your controller-processor agreements cover all of the required points.
Interested in this hot topic?
Join us at our Privacy Breakfast on 5 December 2018
"How to deal with a data breach"
Almost daily there are media reports of data loss, theft or unauthorised access. According to the Gemalto Breach Level Index, there are more than 7 million data breaches worldwide every day. Only 4% of compromised data is encrypted.
Data breaches can be a breach of contract and lead to claims for damages. They can also trigger reporting obligations to the authorities and possibly obligations to inform the affected individuals, with the possibility of substantial sanctions if a report is not filed. The EU General Data Protection Regulation (GDPR) contains such reporting and information obligations.
According to the GDPR, companies are generally obliged to report personal data breaches to the competent authority within 72 hours of becoming aware of a breach. Depending on the type of incident, the individuals concerned may have to be informed as soon as possible.
Internal processes for detecting, investigating and reporting violations are indispensable in order for a company to meet these requirements.
Over a light breakfast, we would like to discuss best practices for such processes and how to proceed based on a short case study.
This privacy breakfast is intended for people that are interested in data protection, in particular internal data protection officers, legal counsels or compliance officers. Registrations from practicing peers from other law firms will not be considered.
Interested? Register by 28 November 2018 by clicking here.
If you liked this article, you might be interested in reading: