Adopting a Risk-Based Approach to GDPR Compliance
Článek na uvedené téma najdete na portálu fairdata.org.uk
http://www.fairdata.org.uk/risk_based_GDPR_compliance
Cituji z testu:
"In this brief blog we’ll highlight some of the key points to help you appreciate what this means for your organisation in fulfilling GDPR obligations."
Hlavní otázky:
( cituji část textu odpovědí )
"- What are risky processing activities?
Although the concept of risk runs throughout the GDPR, it is not specifically defined. Some examples cited in the Regulation that are more likely to result in a high risk include:
· systematic automated profiling
· large scale monitoring of sensitive data
· systematic monitoring of a publicly accessible area on large scale.
- What are the implications of the risk level?
Certain obligations and/or exemptions under the GDPR flow directly from the level of risk.
- How do I mitigate risk?
Certain obligations and/or exemptions under the GDPR flow directly from the level of risk.
To examine processing activities take a three prong approach
- What next?
Build on your organisation’s awareness of the significance of the data protection reforms and your information about the type of personal data that your organisation collects and processes, to go ahead with planning and prioritisation of GDPR compliance based on risk assessment."
