Organizations struggling with the challenges of meeting the European Union's (EU) General Data Protection Regulation (GDPR) 2016/679 Article 28 "Processor" directives should utilize this Tool Kit. Data processors (service provides) can also use the Tool Kit proactively to prepare for requests from data controllers (outsourcers), as well as to guide their own information requests to sub-processors.
With the May 25, 2018 deadline for GDPR compliance, stringent new requirements will be imposed on how controllers may appoint and monitor processors. GDPR changes to privacy rules over processors include:
Compliance liability for data protection will now extend to data processors.
Prescriptions for certain matters must be stipulated in contracts or other legal engagements.
Both controller and processor third party vendor management programs may require additional due diligence to meet the new requirements.
This GDPR Privacy Tool Kit was designed by the Shared Assessments Program's Privacy Committee ? a leading group of cross-industry third party risk management privacy professionals ? as a flexible set of tools and templates that any organization can incorporate into their third party risk management structures and processes.
The Tool Kit:
Provides preliminary guidance for both controllers and processors to effectively evaluate and manage third party data processor risk under the GDPR.
Contains tools, contract provision and examination artifact checklists and templates that can be utilized to evaluate the readiness and maturity of the existing controls against a broad range of GDPR privacy-relevant requirements.
Components can be leveraged by organizations as a standalone privacy assessment of the third party relationship, or be incorporated into the organizations' entire Vendor Risk Management program.
About the Shared Assessments Program As the trusted leader in third party risk management, the member-driven Shared Assessments Program has been setting the standard in third party risk assessments since 2005. Shared Assessments Program members work together to build and disseminate best practices resources that give all risk management stakeholders a faster, more rigorous and efficient means of conducting security, privacy and business resiliency control assessments. For more information, please visit http://www.sharedassessments.org.
MEDIA CONTACT: Jenny Burke, Senior Vice President of Communications & Marketing O: 505-466-6434 C: 512-576-9356 [email protected]
SOURCE The Santa Fe Group, Shared Assessments Program
Rakovina Therapeutics Inc. a biopharmaceutical company committed to advancing new cancer therapies based on novel DNA-damage response technologies announced the financial results for its fourth quarter and fiscal year ending December 31, 2023 and...
ReNAgade Therapeutics, a company unlocking the limitless potential for RNA medicines, today announced its ongoing commitment to exploring the therapeutic opportunity of glycobiology through support for ongoing research at GanNA Bio, and the...
Tribe Property Technologies Inc. (the "Issuer" or the "Company") , a leading provider of technology-elevated property management solutions, today announced that it expects to complete and file its 2023 Annual Filings (as defined below) on or before...
The Korean Cultural Center New York (KCCNY), a branch of the Ministry of Culture, Sports and Tourism of the Republic of Korea, is proud to present a special exhibition "Whanki in New York," from May 2 to June 13, 2024. This exhibition commemorates...
Aspire Health Alliance ("Aspire Health") is a company headquartered in Braintree, Massachusetts, that provides behavioral health services in the community. Aspire Health experienced a data security incident that may have involved personal and...