Guide to GDPR Audit Checklist
ThThe General Data Protection Regulation (GDPR) is one of the most stringent data protection laws in the world. Though this regulation primarily protects the privacy and security of individuals in the European Union, its reach extends well beyond EU borders. Any organization that processes the personal data of EU residents must comply, regardless of where…
|
Aug 04, 2022
Data Portability Under Article 20 GDPR
TL,DR: GDPR Article 20 grants individuals the right to receive their personal data in a structured, commonly used, and machine-readable format for reuse or direct transfer between controllers Data portability applies only when processing is based on consent or contract performance and carried out by automated means. Manual paper records are excluded from this right…
|
Aug 01, 2022
GDPR Article 15 Right of Access by the Data Subject
TL,DR: Article 15 of GDPR gives every data subject the legal right to request and receive all personal data an organization holds about them, with the first copy provided free of charge Organizations must disclose processing purposes, data categories collected, third-party recipients, and retention periods upon receiving a valid access request submitted orally, in writing,…
|
Jul 29, 2022
GDPR Article 32: Security of Processing
TL,DR: GDPR Article 32 requires controllers and processors to implement technical and organizational security measures proportionate to the risk level, covering pseudonymization, encryption, system availability, and regular testing The article does not prescribe a fixed checklist. Organizations must assess the state of the art, implementation costs, processing scope, and risk severity to determine appropriate controls…
|
Jul 27, 2022
