Your SlideShare is downloading. ×
0
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Index data protection
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Index data protection

202

Published on

Index data protection

Index data protection

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
202
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. www.yourlegalconsultants.com [email_address] Personal data protection ALL THE DOCUMENTS RELATED TO DATA PROTECTION
  • 2. www.yourlegalconsultants.com [email_address] DOCUMENTS RELATED TO DATA PROTECTION IMPLEMENTATION: 1. KEY POINTS INVOLVED IN DATA PROTECTION IMPLEMENTATION 3. RELATED AGREEMENTS 3. SECURITY DOCUMENT 4. COMPLIANCE/AUDIT CERTIFICATE 5. COMPANY INTERNAL POLICY
  • 3. www.yourlegalconsultants.com [email_address] PERSONAL DATA PROTECTION Index of practical documents and explanation of appendix documents Available in www.yourlegalconsultants.com
  • 4. www.yourlegalconsultants.com [email_address] 1. DOC: KEY POINTS INVOLVED IN DATA PROTECTION IMPLEMENTATION (1/2) This document contains key points that will help you to determine whether data protection has been correctly implemented or to determine what points are necessary to take into account in implementing the provisions of the data protection law. SOME OF THE POINTS INCLUDED IN THIS SPREADSHEET ARE SHOWN IN THE FOLLOWING Is the "company policy" document applicable to all stores and companies? Yes/No       Is there a waiver of liability clause with regard to data transfer/disclosure? Yes/No   Is there a data processing procedure to be followed by company employees? Yes/No
  • 5. www.yourlegalconsultants.com [email_address] 1. DOC: KEY POINTS INVOLVED IN DATA PROTECTION IMPLEMENTATION (2/2) Is the occupational accident information associated to personal data? Yes/No   Are e-mails sent to multiple recipients without the appropriate consent? Yes/No         Is there a procedure for the cancellation/rectification/amendment of data? Yes/No     Does your company consider that data is disclosed to third party service providers who access the data? Yes/No       Has your company been notified of the creation of a video surveillance image file? Yes/No                   The questions contained in this questionnaire lead to reflection on the level of protection being applied in a company.
  • 6. www.yourlegalconsultants.com [email_address] 2. DOCS: RELATED AGREEMENTS <ul><li>Agreement documents related to data protection implementation, available at downloads, focus on the following areas: </li></ul><ul><li>Database transfer between companies </li></ul><ul><li>This document is applicable when two companies enter into a collaboration, and therefore share databases. It is necessary to have notified owners of data clearly and precisely that both companies are proprietors of the customer database, making express mention of the names of the companies, or to have obtained the consent of data owners in order for the other company to be able to use their personal data for commercial or promotional purposes, etc. </li></ul><ul><li>B) Outsourcing data processing services </li></ul><ul><li>This document is applicable when a company outsources services to third parties, which will use the personal </li></ul><ul><li>data that is subject to the rendering of service (accountancy firms, etc.) </li></ul>
  • 7. www.yourlegalconsultants.com [email_address] 3. DOC: SECURITY DOCUMENT (1/4) <ul><li>The security document index, available at downloads, is described in the following: </li></ul><ul><li>INTRODUCTION </li></ul><ul><li>DOCUMENT APPLICATION SCOPE </li></ul><ul><li>High Level. Applied to data files or data processing. </li></ul><ul><li>Intermediate Level. Applied to data files or data processing. </li></ul><ul><li>Basic Level. Applied to data files or data processing. </li></ul><ul><li>B. MEASURES, PROCEDURES, RULES AND STANDARDS GUARANTEEING </li></ul><ul><li>THE SECURITY LEVELS REQUIRED BY THIS DOCUMENT </li></ul><ul><li>Identification and authentication </li></ul><ul><li>Access Control </li></ul><ul><li>Hardware and document log </li></ul><ul><li>File criteria </li></ul><ul><li>Data access through communication networks </li></ul>
  • 8. www.yourlegalconsultants.com [email_address] 3. DOC: SECURITY DOCUMENT (2/4) Access Control Hardware and document log File criteria Data access through communication networks Regime for work outside premises where files are located Document transfer Temporary files Copy or reproduction Backup copies Security Supervisor C. GENERAL PROCEDURE FOR PERSONNEL NOTIFICATION D. PERSONNEL FUNCTIONS AND OBLIGATIONS General functions and obligations
  • 9. www.yourlegalconsultants.com [email_address] 3. DOC: SECURITY DOCUMENT (3/4) E. INCIDENT NOTIFICATION, MANAGEMENT AND RESPONSE PROCEDURES F. REVIEW PROCEDURES Security document review Audit G. CONSEQUENCES OF NON-COMPLIANCE WITH SECURITY DOCUMENT APPENDIX I. FILE DESCRIPTION APPENDIX II. APPOINTMENTS APPENDIX III. AUTHORISATION FOR DATA OUTPUT OR RECOVERY APPENDIX IV. HARDWARE INVENTORY APPENDIX V. INCIDENT LOG APPENDIX VI. PROCESSING SUPERVISOR APPENDIX VII. HARDWARE SIGN IN AND SIGN OUT LOG
  • 10. www.yourlegalconsultants.com [email_address] 3. DOC: SECURITY DOCUMENT (4/4) CHECKLIST FOR SECURITY AUDIT 1. Aims 2. Determining the audit scope 3. Planning 3. Data gathering 4. Test evaluation 5. Conclusions and Recommendations
  • 11. www.yourlegalconsultants.com [email_address] 4. DOC: COMPLIANCE/AUDIT CERTIFICATE This document (compliance/audit certificate) has two different aims: A) It allows an expert in data protection implementation to analyse current data protection compliance for AUDITING B) It allows the expert who has implemented data protection to COMMIT to the result of this implementation .
  • 12. www.yourlegalconsultants.com [email_address] 5. DOC: COMPANY INTERNAL POLICY This company internal policy document covers the points to be taken into account, from the perspective of security monitoring of the company's internal and external communications systems, and is applicable to the systems department. The document INDEX is included: COMPANY INTERNAL POLICY 1- Data protection 2- Data processing 3- Proprietary information 4- Non-automated data 5- Work place security 6- Security of the Company’s Information Systems
  • 13. www.yourlegalconsultants.com [email_address] Thank you for your interest [email_address] If you want to buy the documents: www.yourlegalconsultants.com If you want to contract to the expert, please contact:

×