The GDPR regulation enters into effect on May 25th, 2018, in all European member states. From that day forward, any organization which collects and processes personal data will need to demonstrate compliance with the GDPR. This requires the organization to implement the GDPR in all relevant business units and functions.
This Guide includes a step-by-step plan, a business function model, and several instruments (including checklists), which can be used to analyze the current state of business systems and help in identifying omissions in compliance with the GDPR. Issues and omissions are addressed and alleviated using a risk management approach. Priorities can be managed by assigning costs to the identified risks. The business function model forms the basis for managing which person performs which actions, when and with whom.
Victor W. Alting van Geusau Esq. (LL.M.) is an experienced lawyer and auditor who specializes in information law and privacy law. Victor holds degrees from the University of Utrecht and University of Amsterdam law schools. He has consulted for many organizations and helped them to streamline their business processes. He has worked both as a subject matter expert and in various management positions. He has published on a variety of topics, such as project risk analysis methods, EDP auditing, system evaluation (operational quality, user satisfaction, system design and configuration) and business processes. In his areas of expertise, Victor advises organizations in identifying and managing contract risks and regulatory requirements and in implementing compliance rules.