What is privacy?

How should privacy be assessed?

What is the scope of privacy?

What is processing personal data?

Who are the stakeholders?

Why privacy is important within an organization?

Privacy and Risk

What risks flow is generated from the processing of personal data?

How this relates to the risk management of the organization?

Which parties are involved in materializing risk?

Personal information

What are personal data and why is it so important?

The types of categories of personal data.

The need for an inventory of personal data processed in a processing register.

Protecting personal data

All technical and organizational measures (TOM) to be taken to protect personal data and to reduce the risk.

The TOM efficiency should be monitored and so should be reported to those responsible for the operation and the risks due to inefficient or defect ran TOM.

Identification and actions of external parties involved in the processing of personal data or further processing.

Clear communication between all involved parties, eg. Customers, visitors, vendors, authorities necessary.

There processing agreements should be drawn to the roles and responsibilities, but mainly to clarify expectations.

The disciplinary measures resulting from not following the policy.

How to publish

All parties concerned should be informed which personal data processing on the policy.

internal parties

Using existing resources give access to the policy instance. Intramuros publish or distribute via e-mail.

At the start of the cooperation policy should be signed for read and understood.

external parties

Can get a copy of the policy

Should be adequately informed by the processing contracts