Three Core Questions of Data Privacy

2023-08-07 14:34

 

Question 1: What data are we processing?

To answer this question, we should maintain data inventories, including inventories of processing activities, assets, recipients, etc. JANUCAT provides a data inventories module that includes all the elements required by GDPR.

 

Question 2: Are these processing activities compliant?

To answer this question, we should perform various assessments.

In the area of privacy compliance, we should perform impact assessments, including DPIA/PIA (Data Protection Impact Assessment / Privacy Impact Assessment), TIA (Transfer Impact Assessment), LIA (Legitimate Interests Assessment), etc.

In the area of security, we should perform security assessments for assets such as Web applications, mobile applications, backend services, etc.

In the area of processor management, we should perform due diligence to evaluate the privacy protection level of vendors.

JANUCAT provides an assessments module that includes these assessment templates.

 

Question 3: How to demonstrate compliance?

For each designated processing activity, we should prepare all of its compliance records and keep them ready for regulatory inspection at any time.

We also need general technical and organizational measures that regulate all processing activities, including internal policies, processes, risk management records, audit records, records of privacy by design, etc.

JANUCAT provides an accountability framework to guide compliance practices.

Copyright ©2022 JANUSEC. All Rights Reserved.