Data protection and GDPR
If you are obligated by the new legal position to appoint a controller for data protection, you have the possibility to appoint an external controller by secopan. Another novelty is that the official internal controller for data protection, as is so far mandatory in several federal states, can be replaced by an external controller.
The advantage of an external controller is that they are not subjected to a higher dismissal protection. Furthermore, as a general rule, they do not lead to conflicts of interest, which could prevent the appointment of a qualified internal employee.
On basis of our experiences in the areas of IT security and certification according to ISO/IEC 27001 we are perfectly prepared to bring your IT and your company the required protection level with regard to the explicitly mentioned principle of data security according to article 32 GDPR.
In any case the management does need to fulfil the minimum requirements of GDPR at its own risk. Do not take this challenge up on your own and draw on our competent services.
Overview of our services:
- Consultation on data protection
- Providing an external controller of data protection
- Consultation on implementation
- Draw up of required documentation
- Informed advice by two fully qualified lawyers
- Support in case of a data protection incident
Building an effective management system is one of the core capabilities of secopan.
We successfully proved this in several projects in the area of constructing information security management systems (ISMS).
We check on site which measure you have to take, help you make a directory of all data processing activities as well as the corresponding data protection impact assessments. Naturally we assist you in adapting your declarations of consent to the new guidelines and check if your data processors fulfil the current standard European requirements.