New Suite of Privacy Management Questionnaire Templates Available at OneTrust
With the EU General Data protection Regulation coming into effect on May 25, 2018, it’s important for organizations to prepare for how they will handle personal data of customers. Employees and vendors, as well as how they will conduct record-keeping to demonstrate compliance
As part of the library of more than 30 privacy assessment templates in OneTrust’s comprehensive privacy management platform, we have added new EU regulator guidance-based privacy templates for GDPR compliance. The new templates include:
Operational and record-keeping requirements are addressed in both Article 35 and Article 30 of the GDPR.
OneTrust’s in-house privacy research team analyzed and incorporated guidance from well-respected EU regulator-based sources and industry standards to create PIA and DPIA templates. Instrumental sources include:
Although data inventory and mapping is not explicitly mentioned in the GDPR, it is widely recognized that Article 30 requires an organization to conduct a data inventory and mapping exercise, and most importantly, keep it up-to-date. In creating the Records of Processing (Data Mapping) template to support this requirement, OneTrust’s research team incorporated available guidance including the CNIL’s GDPR Toolkit, the Belgian Privacy Commission’s Recommendation Concerning the Register of Processing Activities, and many additional sources.