As part of the TrustArc Privacy Insight Series Webinars, Paul Iagnocco, Consulting Director & Senior Privacy Consultant at TrustArc, presented “One Week to Go: Are you Ready for May 25th?” This blog post will give a brief summary of that webinar; you can listen to the entire webinar and download the slides here. In this webinar Paul addressed the questions companies are facing as the May 25th GDPR deadline approaches: Is my company compliant? What if we are not 100% compliant? What happens next? This webinar focused on four main areas as they apply to the GDPR: compliance status, enforcement, … Continue reading One Week to Go: Are you Ready for May 25th? – Webinar Recap
As the GDPR compliance deadline approaches, we have seen companies assess their readiness and prioritize the areas that need additional processes, technology, and controls. While helping companies to prepare, we have seen several companies’ interpretations of GDPR applicability. The following three common scenarios highlight a few misconceptions about GDPR applicability. This blog post will discuss those misconceptions and suggest a few things to consider in your company’s GDPR applicability analysis. Example 1. The Scenario: We’ve heard the belief that GDPR does not apply to personal data obtained from public sources that is not collected directly from the data subject, … Continue reading GDPR Applicability – Three Examples You Should Know About
Companies that must comply with the GDPR should take a close look at their marketing processes to ensure that they will meet GDPR requirements. The following three examples are key places where most companies should take another look at their processes with regard to GDPR consent requirements. Marketing Outreach Email Programs: Most companies’ marketing departments have outreach programs in which emails with information about new products or services are sent to a large database of clients and prospects. If individuals have unsubscribed, opted out, or otherwise indicated their desire that your organization stop using their personal information, your organization may not contact … Continue reading GDPR Compliance – Consent Requirements under the GDPR – Marketing Activities
As part of the TrustArc Privacy Insight Series Webinars, Ashley Slavik, Senior Counsel & Data Protection Officer, Veeva Systems Inc. and K Royal, Consulting Director, TrustArc, discussed how companies can plan for and respond to a data breach in compliance with the GDPR. Ashley and K gave best practices, suggested tools, and tips for addressing GDPR Article 33 and Article 34. This blog post will give a brief summary; you can listen to the entire webinar and download the slides here. Before going into data breach requirement details, our speakers discussed the different notification requirements for Controllers and Processors and gave examples … Continue reading 72 Hours Notice: GDPR Incident Response Management – Webinar Recap
While GDPR Articles 40-43 contain provisions outlining certification programs and codes of conduct that may be established in the future, companies are seeking efficient, independent ways to benchmark and report on their compliance efforts now. The TrustArc GDPR Validation is designed to meet that need. In a press release announcing the launch of GDPR Validation, Chris Babel, CEO of TrustArc, stated that “TrustArc is leveraging its decades of privacy certification leadership and experience to provide a GDPR validation solution that can help companies meet the needs of their customers, partners and other stakeholders — now and after the … Continue reading TrustArc Announces GDPR Validation
No matter where you are in your journey to GDPR compliance, how you meet the requirements is very important. With more than 200 pages and close to 100 different articles plus recitals, the EU GDPR introduces a broad range of privacy compliance requirements. Implementing your compliance roadmap after conducting a gap analysis will require implementing controls, measuring risk, and assigning tasks in a consistent, sustainable manner. While ad hoc processes and templates can create inconsistencies, using GDPR specific assessment templates will promote the consistency needed to meet the May 25th deadline and continue compliance beyond the deadline. To help companies … Continue reading Will Your Company Meet GDPR Requirements in a Sustainable Manner?