Data Protection

Towards GDPR Compliance as a Best Practice: a Primer for Swiss SMEs

Philippe Gilliéron
Philippe Gilliéron
Category:

Articles

Region:

Switzerland

Field of law:

Data Protection

Citation: Philippe Gilliéron, Towards GDPR Compliance as a Best Practice: a Primer for Swiss SMEs, in: Jusletter IT 25. September 2018

Over the last years, privacy concerns have significantly increased, and the recent adoption of the GDPR in May 2018 coupled with the Cambridge Analytica scandal now give cold sweats to most companies. SMEs are struggling to find their way in a field they have little understanding of (if any), and find it hard to know where to start from. This paper aims at providing them some basic information and checklist to start building a privacy management program without incurring significant expenditures or being a privacy expert.

Table of contents

  • I. Introduction
  • II. Footprint towards the Setting up of Privacy Management within SME
    • A. Data Mapping
      • 1. Mapping
      • 2. Privacy Impact Assessments
    • B. Privacy Policy and Notices
      • 1. Policies and Notices
      • 2. Lawful Basis for Processing
    • C. Vendor Management
      • 1. Agreements in Place
      • 2. Future Agreements
    • D. Data Breach Response Plan
    • E. Maintain Procedures for Inquiries and Complaints
    • F. Training
    • G. Need for a Data Protection Officer?
  • III. Conclusion
Please log in to read the full text.
Register for Campus? More
Forgot password?
Login Poster
Top