Met deze (Engelstalige) GDPR checklist heb je een eenvoudig stappenplan in handen om met jouw organisatie te voldoen aan de AVG en het begrijpen van de regels die ten grondslag liggen aan de verordening.
Lawful basis and transparency
Conduct an information audit to determine what information you process and who has access to it.
Organizations that have at least 250 employees or conduct higher-risk data processing are required to keep an up-to-date and detailed list of their processing activities and be prepared to show that list to regulators upon request. Organizations with fewer than 250 employees should also conduct an assessment because it will make complying with the GDPR’s other requirements easier. In your list, you should include: the purposes of the processing, what kind of data you process, who has access to it in your organization, any third parties (and where they are located) that have access, what you’re doing to protect the data (e.g. encryption), and when you plan to erase it (if possible).Verder lezen bij de bron