InnoValor believes in an integral approach to privacy, which includes, in addition to legislation, users, administrative and technical aspects (privacy-by-design and privacy-enhancing technology). We regularly conduct privacy impact assessments for our customers, and specialize in chain situations where multiple parties are involved in data exchange. Aspects such as accountability, responsibility, governance and supervision play an important part. We pay extra attention on how to realize transparent and consent in a manner that users understand. A focus area is the emergence of the "Internet of Things" and sensor-based applications that involve numerous privacy challenges. InnoValor does research here and can advise.
We have done a Privacy Impact Assessment for the Ministry of Social Affairs and Employment on the SUWI-network for work and income. It turned out that not all parties in the network had their information security in order and that the mutual responsibilities were not clearly defined.
For Kennisnet, the public organization for ICT in primary, secondary and secondary vocational education, InnoValor has made an impact analysis of the privacy enhancing technology 'polymorphic pseudonyms' on the educational content chain and its own ENTREE federation for access.
Is your organisation ready for the 25th of May 2018?
The GDPR forces organisations that proces personal information to take privacy measures seriously. There will be enormous fines to consider. Complying to the GDPR is not a trivial matter. It has impact on many parts of the organisation and the impact can differ per proces.
Is installing a data protection officer enough? What should I do to ask permission from a user? What are their rights exactly? Do I need a privacy impact assessment? What should be in the processing agreement? How can I assure responsibilities?
It is important to consider the measures that need to be taken, to make the right choices and keep things as specific and contentually as possible.
InnoValor kan help by asking the right question and determining what is most important for your organisation. Want to know how to become GDPR compliant? Contact Bob Hulsebosch.