Towards GDPR Compliance as a Best Practice: a Primer for Swiss SMEs
Over the last years, privacy concerns have significantly increased, and the recent adoption of the GDPR in May 2018 coupled with the Cambridge Analytica scandal now give cold sweats to most companies. SMEs are struggling to find their way in a field they have little understanding of (if any), and find it hard to know where to start from. This paper aims at providing them some basic information and checklist to start building a privacy management program without incurring significant expenditures or being a privacy expert.
Table of contents
- I. Introduction
- II. Footprint towards the Setting up of Privacy Management within SME
- A. Data Mapping
- 1. Mapping
- 2. Privacy Impact Assessments
- B. Privacy Policy and Notices
- 1. Policies and Notices
- 2. Lawful Basis for Processing
- C. Vendor Management
- 1. Agreements in Place
- 2. Future Agreements
- D. Data Breach Response Plan
- E. Maintain Procedures for Inquiries and Complaints
- F. Training
- G. Need for a Data Protection Officer?
- III. Conclusion
Loggen Sie sich bitte ein, um den ganzen Text zu lesen.
There are no comments yet
Ihr Kommentar zu diesem Beitrag
AbonnentInnen dieser Zeitschrift können sich an der Diskussion beteiligen. Bitte loggen Sie sich ein, um Kommentare verfassen zu können.
No comments