Jusletter IT

Towards GDPR Compliance as a Best Practice: a Primer for Swiss SMEs

  • Author: Philippe Gilliéron
  • Category: Articles
  • Region: Switzerland
  • Field of law: Data Protection
  • Citation: Philippe Gilliéron, Towards GDPR Compliance as a Best Practice: a Primer for Swiss SMEs, in: Jusletter IT 26 September 2018
Over the last years, privacy concerns have significantly increased, and the recent adoption of the GDPR in May 2018 coupled with the Cambridge Analytica scandal now give cold sweats to most companies. SMEs are struggling to find their way in a field they have little understanding of (if any), and find it hard to know where to start from. This paper aims at providing them some basic information and checklist to start building a privacy management program without incurring significant expenditures or being a privacy expert.

Table of contents

  • I. Introduction
  • II. Footprint towards the Setting up of Privacy Management within SME
  • A. Data Mapping
  • 1. Mapping
  • 2. Privacy Impact Assessments
  • B. Privacy Policy and Notices
  • 1. Policies and Notices
  • 2. Lawful Basis for Processing
  • C. Vendor Management
  • 1. Agreements in Place
  • 2. Future Agreements
  • D. Data Breach Response Plan
  • E. Maintain Procedures for Inquiries and Complaints
  • F. Training
  • G. Need for a Data Protection Officer?
  • III. Conclusion

No comments

There are no comments yet

Ihr Kommentar zu diesem Beitrag

AbonnentInnen dieser Zeitschrift können sich an der Diskussion beteiligen. Bitte loggen Sie sich ein, um Kommentare verfassen zu können.