Privacy Compliance
Privacy is an issue that is growing in size, complexity and relevance. When you process personal data, you are obliged to safeguard the privacy of these individuals. But do you know which privacy regulations and principles your data processing must comply with? And are you aware of the risks involved in data processing?
Your organisation is expected to handle personal data with care.
In this respect, the legal framework from the General Data Protection Regulation is leading, but we also focus on specific sectoral laws and regulations. We do not only look at the formal procedural aspects, but also at the design and operation of IT systems and the technical security of personal data.
We prefer to act as preventively as possible. Data processing operations set up in accordance with the principles of 'Privacy by Design' preventively guarantee that you comply with the privacy rules. In this way you will not face any unnecessary surprises, investments will be protected and your stakeholders can rely on your systems.
Forvis Mazars can help you with
The specialists of IT Audit & Advisory have extensive experience in conducting Privacy Impact Assessments and can provide you with privacy assurance reports or certifications if required. They can also advise you on all IT and privacy related issues.
Want to know more?
Gerard Seedorf Director
Gevolgen Algemene Verordening Gegevensbescherming
Dit whitepaper geeft een overzicht van de belangrijkste gevolgen van de invoering van de nieuwe Algemene Verordening Gegevensbescherming (AVG) voor organisaties en de maatregelen die zoal getroffen moeten of kunnen worden om aan de AVG te voldoen.
DigiD and Suwinet Compliance
Does your organisation offer services with DigiD? Or do you make use of Suwinet's data services? We can help you with these issues.
De NIS2-richtlijn: hoe bereidt u zich voor?
De Network and Information Security, aldus de NIS2-richtlijn, is op 14 december 2022 aangenomen door het Europese parlement en de Raad van de Europese Unie, met als doel om een hoger niveau van cybersecurity te bereiken binnen de EU. Wat betekent de NIS2-richtlijn voor uw organisatie?
Digital compliance
Information technology and large-scale digital data processing introduce additional (privacy) risks, inherent in the use of this technology. These need not be directly visible at the level of end use.
Data Protection Impact Assessment
A data protection impact assessment (DPIA) is an instrument to identify the privacy risks of data processing in advance and then take measures to reduce these risks. A DPIA is mandatory under certain conditions.