TrustArc Blog

EU GDPR Article 35 – Data Protection Impact Assessment (DPIA), Part I

October 10, 2017

EU General Data Protection Regulation (GDPR)

In Part I of this two-part blog series we will give an introduction to EU GDPR Article 35 – Data Protection Impact Assessment (DPIA) and some best practices for conducting them. In Part II we will summarize the six essential elements of a DPIA program.

Part I: Introduction & Background

As the GDPR compliance deadline of May 25, 2018 grows closer, organizations should have a documented process for conducting PIAs and DPIAs. But before building a DPIA program, it is useful to review what a DPIA is and when it should be conducted.

Data Protection Impact Assessment (DPIA)

A DPIA …

GDPR Implementation Lagging at Majority of UK and US Companies

October 02, 2017

GDPR Research Report

A TrustArc study of UK- and US-based organizations with at least 500 employees found that most haven’t started their GDPR implementations yet. With only eight months to comply with the GDPR, companies all over the world are determining how best to adjust their internal systems and processes in order to address the new compliance requirements. On September 28, 2017, TrustArc announced results from surveys conducted by Dimensional Research that gauge how prepared US and UK businesses are to comply with the EU’s General Data Protection Regulation (GDPR). The US & UK surveys, completed in August of 2017, included responses …

TrustArc Announces 25+ City GDPR Privacy Workshop Series

September 22, 2017

TrustArc announced this week a special GDPR Privacy Workshop Series. The events, co-sponsored with Ogletree Deakins, are free and part of a global 25+ city program that will feature informative discussions, case studies, and practical solutions to achieve GDPR compliance. The Workshops are part of TrustArc’s renowned Privacy Insight Series that drew over 15,000 webinar registrations in 2016. Attendees will: learn from industry experts who have implemented GDPR solutions across a wide range of industries; receive hands-on interactive review and tips on core GDPR compliance requirements, including: Data Mapping; Building a Record of Processing (Article 30 Reports); Ongoing Risk Assessments …

The Solution to help Meet GDPR Article 30 Requirements

September 06, 2017

EU General Data Protection Regulation Article 30

Article 30 pertains to Records of Processing Activities. Not only do organizations have to keep records, but they also have to be able to produce them on demand. In order to meet this requirement, an organization should follow these best practices: create a centralized, secure data inventory that can be maintained over time; provide stakeholders across the organization with visual data maps of business process flows; ensure that all information necessary for the Article 30 reports is recorded so that reports can be generated on demand; generate a scalable, sustainable process for meeting Article 30 …

September Events Spotlight: DPIA/PIA Program Webinar, Privacy & Security 2017, NorCal Information Governance Retreat

August 31, 2017

September 12 @ 10:00 am – 11:00 am PST, Online Webinar

Building Your DPIA/PIA Program: Tips & Case Studies

The GDPR mandates Privacy by Design and requires documented Data Protection Impact Assessments (DPIAs) for high risk processing. How can you build this into a sustainable program across your business? Having a good understanding of what DPIA/PIAs are and how to implement them can be the key to embedding privacy in the heart of your organization as well as achieving GDPR compliance. Our webinar speakers (Alexis Maas, SVP – General Counsel, Volvo Financial Services and Beth Sipula, Sr. Privacy Consultant, …

Mastering Article 30 Compliance: Conducting, Maintaining and Reporting on your Data Inventory

August 18, 2017

As part of its Summer / Fall Privacy Insight Series, TrustArc hosted a webinar where Charles Nwasor of Ensono, Paul Iagnocco and Margaret Alson of TrustArc spoke about the EU GDPR Article 30 requirements. Article 30 pertains to Records of Processing Activities. Not only do organizations have to keep records, but also, “The controller or the processor and, where applicable, the controller’s or the processor’s representative, shall make the record available to the supervisory authority on request.” While creating data maps is not required, many organizations find them very useful. Data maps, or data flow maps, are visual representations of …
