TrustArc Blog

The Solution to help Meet GDPR Article 30 Requirements

September 06, 2017

EU General Data Protection Regulation Article 30 Article 30 pertains to Records of Processing Activities. Not only do organizations have to keep records, and in addition, they have to be able to produce them on-demand. In order to meet this requirement, an organization should follow these best practices: Create a centralized, secure data inventory that can be maintained over time Provide stakeholders across the organization with visual data maps of business process flows Ensure that all information necessary for the Article 30 reports is recorded so that reports can be generated on-demand Generate a scalable, sustainable process for meeting Article 30 … Continue reading The Solution to help Meet GDPR Article 30 Requirements

September Events Spotlight: DPIA/PIA Program Webinar, Privacy & Security 2017, NorCal Information Governance Retreat

August 31, 2017

  September 12 @ 10:00 am – 11:00 am PST Online Webinar Building Your DPIA/PIA Program: Tips & Case Studies The GDPR mandates Privacy by Design and requires documented Data Protection Impact Assessments (DPIAs) for high risk processing. How can you build this into a sustainable program across your business? Having a good understanding of what DPIA/PIAs are and how to implement them can be the key to embedding privacy in the heart of your organization as well as achieving GDPR compliance. Our webinar speakers (Alexis Maas, SVP – General Counsel, Volvo Financial Services and Beth Sipula, Sr. Privacy Consultant, … Continue reading September Events Spotlight: DPIA/PIA Program Webinar, Privacy & Security 2017, NorCal Information Governance Retreat

Mastering Article 30 Compliance: Conducting, Maintaining and Reporting on your Data Inventory

August 18, 2017

As part of its Summer / Fall Privacy Insight Series, TrustArc hosted a webinar where Charles Nwasor of Ensono, Paul Iagnocco and Margaret Alson of TrustArc spoke about the EU GDPR Article 30 requirements. Article 30 pertains to Records of Processing Activities. Not only do organizations have to keep records, but also, The controller or the processor and, where applicable, the controller’s or the processor’s representative, shall make the record available to the supervisory authority on request. While creating data maps are not required, many organizations find them very useful. Data maps, or data flow maps, are visual representations of … Continue reading Mastering Article 30 Compliance: Conducting, Maintaining and Reporting on your Data Inventory

Privacy Insight Series Webinar Highlights GDPR Benchmarking Research

July 31, 2017

The European Union’s (EU) General Data Protection Regulation (GDPR) is the most sweeping change to data protection in the past 20 years, and will go into effect in less than a year. Its impact will be felt by every organization that does business in the EU, or handles personal information of EU citizens in any manner. We benchmarked the status of 200 U.S. companies’ efforts to meet privacy mandates in general, and in particular to meet the May 25, 2018 deadline for the GDPR. The survey was conducted by Dimensional Research on behalf of TrustArc. On July 26, as the … Continue reading Privacy Insight Series Webinar Highlights GDPR Benchmarking Research

GDPR: DPIAs & Risk

July 26, 2017

  TrustArc Chief Data Governance Officer and General Counsel Hilary Wandall and Information Accountability Foundation (IAF) Executive Director and Chief Strategist Marty Abrams held a webinar where they spoke about the background, requirements, and examples of DPIAs, available on demand here. First, they reviewed how the first privacy assessment methodology was developed and how comprehensive data impact assessments originated to illustrate the evolution of privacy assessments. Then, they went on to explain how the newly required DPIAs differ from traditional PIAs. While traditional PIAs focus on technical requirements for compliance, DPIAs bring in larger ethical issues. Technical requirements focus on … Continue reading GDPR: DPIAs & Risk

TrustArc Partners with Alibaba Cloud

July 25, 2017

We announced our newest partnership with Alibaba Cloud (the cloud computing arm of Alibaba Group) at the IAPP Asia Privacy Forum 2017. As data privacy increases in importance for organizations of all sizes and maturity in Asia, TrustArc saw an opportunity to partner with one of the fastest-growing cloud computing companies in the world. Both TrustArc and Alibaba Cloud believe that as organizations continue to provide excellent experiences for their customers by collecting personal data, keeping up with evolving regulations and protecting data privacy is key. Scaling a privacy program requires using a combination of privacy expertise and technology. This strategic … Continue reading TrustArc Partners with Alibaba Cloud

Subscribe to Blog